Prepare Statement

Last Updated: August 19, 2021

wpdb prepare statements can be used to prevent SQL injection attacks when you write to tables WordPress.


$sql = $wpdb->prepare("INSERT INTO $dbTable (Distance, Date, UserID) VALUES (%d,%s,%d)",$formData, $today, $userID);
$wpdb->query($sql);