Office Address

41/D, West Brahmondi, Narsingdi

Phone Number


Email Address

Are you getting wpdb::prepare() error on after upgrading to WordPress 3.5 ?

Don’t worry your website is not broken.

WordPress is just working you that your theme or plugin is not prepare to fight with hacker.

And your website is possibly expose for SQL injection vulnerability.

So how to stop this error and fix your website ?

A quick solve is to put

[php]@ini_set(‘display_errors’, 0);[/php]

on your WordPress wp-config.php. (Note: Hiding errors on production sites is good practice anyway.)

Now Here’s how $wpdb->prepare() is supposed to work:

[php]$wpdb->prepare( "SELECT * FROM table WHERE ID = %d AND name = %s", $id, $name );[/php]

See how $id and %s is passed as a argument. This makes sure your query is safe.

And may be your code are like this format

[php]$wpdb->prepare( "SELECT COUNT(*) FROM table" );[/php]

So you are getting error message

Please comment if you have any question

Written by

Maidul Islam

I am a freelance web developer.Like to share what i learn.