wpdb::esc_like() WordPress Method

The wpdb::esc_like() method is used to escape LIKE wildcards in SQL. LIKE wildcards are used in database search operations. The method takes a string as an argument and returns the escaped string.

wpdb::esc_like( string $text ) #

First half of escaping for LIKE special characters % and _ before preparing for SQL.

Contents

Description

Use this only before wpdb::prepare() or esc_sql(). Reversing the order is very bad for security.

Example Prepared Statement:

$wild = '%';
$find = 'only 43% of planets';
$like = $wild . $wpdb->esc_like( $find ) . $wild;
$sql  = $wpdb->prepare( "SELECT * FROM $wpdb->posts WHERE post_content LIKE %s", $like );

Example Escape Chain:

$sql  = esc_sql( $wpdb->esc_like( $input ) );

Top ↑

Parameters

$text

(string)(Required)The raw text to be escaped. The input typed by the user should have no extra or deleted slashes.

Top ↑

Return

(string) Text in the form of a LIKE phrase. The output is not SQL safe. Call wpdb::prepare() or wpdb::_real_escape() next.

Top ↑

Source

File: wp-includes/wp-db.php

	public function esc_like( $text ) {
		return addcslashes( $text, '_%\\' );
	}

Expand full source codeCollapse full source codeView on TracView on GitHub

Top ↑

Top ↑

Used By

Used By
Used ByDescription
wp-includes/post.php:wp_delete_attachment_files()

Deletes all files that belong to the given attachment.

wp-includes/option.php:delete_expired_transients()

Deletes all expired transients.

wp-includes/class-wp-term-query.php:WP_Term_Query::get_search_sql()

Used internally to generate a SQL string related to the ‘search’ parameter.

wp-includes/class-wp-term-query.php:WP_Term_Query::get_terms()

Retrieves the query results.

wp-includes/class-wp-network-query.php:WP_Network_Query::get_search_sql()

Used internally to generate an SQL string for searching across multiple columns.

wp-includes/class-wp-site-query.php:WP_Site_Query::get_search_sql()

Used internally to generate an SQL string for searching across multiple columns.

wp-includes/class-wp-meta-query.php:WP_Meta_Query::get_sql_for_clause()

Generate SQL JOIN and WHERE clauses for a first-order query clause.

wp-admin/install.php:display_setup_form()

Display installer setup form.

wp-admin/includes/network.php:network_domain_check()

Check for an existing network.

wp-admin/includes/upgrade.php:maybe_create_table()

Creates a table in the database, if it doesn’t already exist.

wp-admin/includes/template.php:meta_form()

Prints the form in the Custom Fields meta box.

wp-admin/includes/class-wp-ms-sites-list-table.php:WP_MS_Sites_List_Table::prepare_items()

Prepares the list of sites for display.

wp-includes/class-wp-query.php:WP_Query::parse_search()

Generates SQL for the WHERE clause based on passed search terms.

wp-includes/class-wp-query.php:WP_Query::parse_search_order()

Generates SQL for the ORDER BY condition based on passed search terms.

wp-includes/functions.php:do_enclose()

Check content for video and audio links to add as enclosures.

wp-includes/class-wp-user-query.php:WP_User_Query::get_search_sql()

Used internally to generate an SQL string for searching across multiple columns.

wp-includes/user.php:count_users()

Counts number of users who have each of the user roles.

wp-includes/canonical.php:redirect_guess_404_permalink()

Attempts to guess the correct URL for a 404 request based on query vars.

wp-includes/bookmark.php:get_bookmarks()

Retrieves the list of bookmarks

wp-includes/ms-load.php:ms_not_installed()

Displays a failure message.

wp-includes/class-wp-comment-query.php:WP_Comment_Query::get_search_sql()

Used internally to generate an SQL string for searching across multiple columns.

Show 16 more used byHide more used by

Top ↑

Changelog

Changelog
VersionDescription
4.0.0Introduced.
Download the latest version of WordPress from https://wordpress.org/

The content displayed on this page has been created in part by processing WordPress source code files which are made available under the GPLv2 (or a later version) license by theĀ Free Software Foundation. In addition to this, the content includes user-written examples and information. All material is subject to review and curation by the WPPaste.com community.

Show More