$wpdb in WordPress is a global object that provides an easy and safe way to interact with the WordPress database. It can be used to perform custom database queries and access WordPress data that is not readily available through WordPress functions. Here are some different examples of using $wpdb in WordPress:
Selecting Data From a Table
Using the SELECT statement, you can use $wpdb to select data from a table. Here’s an example:
global $wpdb;
$results = $wpdb->get_results( "SELECT * FROM {$wpdb->prefix}posts WHERE post_type = 'post' AND post_status = 'publish'" );
Inserting Data Into a Table
To insert data into a table, you can use $wpdb->insert()
. The method takes two parameters: the name of the table to insert the data into, and an array of data to insert. The array’s keys should correspond to the table’s column names, and the values should be the data to insert. Here’s an example:
global $wpdb;
$data = array(
'post_title' => 'My New Post',
'post_content' => 'This is my new post.',
'post_type' => 'post'
);
$wpdb->insert("{$wpdb->prefix}posts", $data);
global $wpdb;
$wpdb->insert( "{$wpdb->prefix}my_table", array( 'column_name' => 'value' ) );
Updating Data in a Table
Another important use case for $wpdb
is updating data in the WordPress database. To update data, we can use the $wpdb->update()
method. This method takes three arguments:
- The name of the table to update.
- An array of data to update.
- An array of conditions for the update.
Here’s an example:
global $wpdb;
$wpdb->update(
$wpdb->posts,
array( 'post_title' => 'New Post Title' ),
array( 'ID' => 123 )
);
global $wpdb;
$wpdb->update( "{$wpdb->prefix}my_table", array( 'column_name' => 'new_value' ), array( 'ID' => 1 ) );
Deleting Data From a Table
To delete data from a table, you can use $wpdb->delete()
. The method takes two parameters: the name of the table to delete data from, and an array of conditions that must be met for the deletion to take place. The conditions array should have keys corresponding to the column names and values corresponding to the values that must be met for the deletion to occur.
Here’s an example:
global $wpdb;
$conditions = array(
'ID' => 1
);
$wpdb->delete("{$wpdb->prefix}posts", $conditions);
global $wpdb;
$wpdb->delete( "{$wpdb->prefix}my_table", array( 'ID' => 1 ) );
Custom Query With a Prepared Statement
You can use $wpdb to run a custom query with a prepared statement. Here’s an example:
global $wpdb;
$wpdb->query( $wpdb->prepare( "SELECT * FROM {$wpdb->prefix}my_table WHERE column_name = %s", $variable ) );
Custom Query With an Unprepared Statement
You can use $wpdb to run a custom query with an unprepared statement. Here’s an example:
global $wpdb;
$wpdb->query( "SELECT * FROM {$wpdb->prefix}my_table WHERE column_name = 'value'" );
Getting the ID of the Last Inserted Row
You can use $wpdb to get the ID of the last inserted row using the insert_id property. Here’s an example:
global $wpdb;
$wpdb->insert( "{$wpdb->prefix}my_table", array( 'column_name' => 'value' ) );
$id = $wpdb->insert_id;
Escaping Data for Use in a Query
It is important to properly escape data that is used in SQL queries to prevent SQL injection attacks. The $wpdb class provides several methods for escaping data, including $wpdb->prepare() and $wpdb->esc_like(). Here is an example:
global $wpdb;
$name = 'John Doe';
$escaped_name = $wpdb->prepare('%s', $name);
$result = $wpdb->query("SELECT * FROM {$wpdb->prefix}my_table WHERE name = $escaped_name");
This will properly escape the $name variable and prevent SQL injection attacks.
Getting the Number of Rows Affected by a Query
You can use $wpdb to get the number of rows affected by a query using the rows_affected property. Here’s an example:
global $wpdb;
$wpdb->query( "DELETE FROM {$wpdb->prefix}my_table WHERE column_name = 'value'" );
$number_of_rows_affected = $wpdb->rows_affected;
Retrieving a Single Variable From a Query
You can use $wpdb to retrieve a single variable from a query using the get_var method. Here’s an example:
global $wpdb;
$post_title = $wpdb->get_var( "SELECT post_title FROM {$wpdb->posts} WHERE ID = 123" );
echo $post_title;
In this example, we’re retrieving the post_title
for the post with an ID
of 123
. The result will be a string containing the post title.
Just like with the previous examples, it’s important to use the $wpdb->prepare()
method to prepare the SQL query to prevent SQL injection attacks.
Here’s an example of how to retrieve a single variable using $wpdb->prepare()
:
global $wpdb;
$post_id = 123;
$post_title = $wpdb->get_var( $wpdb->prepare(
"SELECT post_title FROM {$wpdb->posts} WHERE ID = %d",
$post_id
) );
echo $post_title;
In this example, we’re using the $wpdb->prepare()
method to prepare the SQL query and passing in the $post_id
variable as the argument. This helps prevent SQL injection attacks by sanitizing the input.
These are just a few examples of how you can use the $wpdb in WordPress. With $wpdb, you can perform all sorts of database operations, from simple selects to complex joins and subqueries. Just remember to always properly escape data to prevent security vulnerabilities.