In WordPress plug-in or theme development, the update() method of the wpdb class can be used to achieve database record updates. The basic structure is: $wpdb->update( $table, $data, $where, $format, $where_format). 1. $table specifies the table name, such as $wpdb->prefix . 'my_table'; 2. $data is an associative array, indicating the data to be updated, such as ['column1' => 'value1']; 3. $where is also an associative array, specifying the update conditions, such as ['id' => 123]; 4. $format and $where_format are optional, used to define data types, such as %s, %d, and %f. For example: Use $wpdb->update( $wpdb->prefix . 'users', ['user_email' => 'new@example.com'], ['ID' => 1], ['%s'], ['%d']) when updating the user's mailbox. Security needs to be noted: 1. Although update() is protected from SQL injection, complex queries should use $wpdb->prepare(); 2. Avoid manual stitching of SQL; 3. Verify and filter the input, such as intval() and sanitize_email(); 4. Use primary key or unique fields as WHERE conditions to prevent multiple records from being updated by mistake; 5. It is recommended to first SELECT query to confirm that the target exists. By mastering these methods and specifications, you can complete database update operations safely and efficiently.
Updating data is a common requirement in WordPress plug-in or theme development, and wpdb class is a key tool to achieve this goal. Use it to operate the database directly, but you should also pay attention to safety and specifications.
Basic usage: update method
wpdb provides a method specifically for updating records: update() . Its basic structure is as follows:
$wpdb->update( $table, $data, $where, $format = null, $where_format = null );
-
$table: The table name to be updated (such as$wpdb->prefix . 'my_table'). -
$data: The data to be updated in the format of an associative array (such as['column1' => 'value1', ...]). -
$where: Update condition, also associative array (such as['id' => 123]). -
$formatand$where_formatare optional parameters that specify the data type (%s string, %d integer, %f floating point number).
For example:
$wpdb->update(
$wpdb->prefix . 'users',
['user_email' => 'new@example.com'],
['ID' => 1],
['%s'],
['%d']
);Safety precautions
SQL injection is a potential risk when using wpdb to operate the database. Although the parameter binding process has been performed inside update() method, the following points need to be paid attention to:
- Always use
$wpdb->prepare()to construct complex query statements (althoughupdate()comes with a security mechanism, it may be required in other scenarios). - Avoid splicing of SQL statement strings directly.
- Verify and filter user input, such as using functions such as
intval(),sanitize_email(), etc.
For example, if you write a SQL update statement manually, it should be like this:
$wpdb->query(
$wpdb->prepare(
"UPDATE {$wpdb->prefix}users SET user_email = %s WHERE ID = %d",
'new@example.com',
1
)
);Use primary key or unique field as condition
When updating data, make sure your WHERE conditions are accurate enough, otherwise multiple records may be updated by mistake. The most common thing is to use primary keys (usually ID ) or unique fields (such as usernames, mailboxes, etc.) to locate the target row.
Suggested practices:
- Try to use integer primary keys as conditions.
- If you use the string field as a condition, remember to add the quote placeholder
%s. - Before updating, you can do a
SELECTquery to confirm whether the target exists.
Example:
$user_id = $wpdb->get_var(
$wpdb->prepare("SELECT ID FROM {$wpdb->prefix}users WHERE user_login = %s", 'admin')
);
if ($user_id) {
$wpdb->update(
$wpdb->prefix . 'users',
['user_email' => 'new@admin.com'],
['ID' => $user_id],
['%s'],
['%d']
);
} Basically that's it. By mastering the usage of wpdb::update() , combined with security measures and precise query conditions, you can steadily update database content in WordPress.
The above is the detailed content of How to update data using wpdb. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
How to revert WordPress core update
Jul 02, 2025 am 12:05 AM
To roll back the WordPress version, you can use the plug-in or manually replace the core file and disable automatic updates. 1. Use WPDowngrade and other plug-ins to enter the target version number to automatically download and replace; 2. Manually download the old version of WordPress and replace wp-includes, wp-admin and other files through FTP, but retain wp-config.php and wp-content; 3. Add code in wp-config.php or use filters to disable core automatic updates to prevent further upgrades. Be sure to back up the website and database before operation to ensure safety and reliability. It is recommended to keep the latest version for security and functional support in the long term.
How to create a custom shortcode in WordPress
Jul 02, 2025 am 12:21 AM
The steps to create a custom shortcode in WordPress are as follows: 1. Write a PHP function through functions.php file or custom plug-in; 2. Use add_shortcode() to bind the function to the shortcode tag; 3. Process parameters in the function and return the output content. For example, when creating button shortcodes, you can define color and link parameters for flexible configuration. When using it, you can insert a tag like [buttoncolor="red"url="https://example.com"] in the editor, and you can use do_shortcode() to model it
How to diagnose high CPU usage caused by WordPress
Jul 06, 2025 am 12:08 AM
The main reasons why WordPress causes the surge in server CPU usage include plug-in problems, inefficient database query, poor quality of theme code, or surge in traffic. 1. First, confirm whether it is a high load caused by WordPress through top, htop or control panel tools; 2. Enter troubleshooting mode to gradually enable plug-ins to troubleshoot performance bottlenecks, use QueryMonitor to analyze the plug-in execution and delete or replace inefficient plug-ins; 3. Install cache plug-ins, clean up redundant data, analyze slow query logs to optimize the database; 4. Check whether the topic has problems such as overloading content, complex queries, or lack of caching mechanisms. It is recommended to use standard topic tests to compare and optimize the code logic. Follow the above steps to check and solve the location and solve the problem one by one.
How to optimize WordPress without plugins
Jul 05, 2025 am 12:01 AM
Methods to optimize WordPress sites that do not rely on plug-ins include: 1. Use lightweight themes, such as Astra or GeneratePress, to avoid pile-up themes; 2. Manually compress and merge CSS and JS files to reduce HTTP requests; 3. Optimize images before uploading, use WebP format and control file size; 4. Configure.htaccess to enable browser cache, and connect to CDN to improve static resource loading speed; 5. Limit article revisions and regularly clean database redundant data.
How to minify JavaScript files in WordPress
Jul 07, 2025 am 01:11 AM
Miniving JavaScript files can improve WordPress website loading speed by removing blanks, comments, and useless code. 1. Use cache plug-ins that support merge compression, such as W3TotalCache, enable and select compression mode in the "Minify" option; 2. Use a dedicated compression plug-in such as FastVelocityMinify to provide more granular control; 3. Manually compress JS files and upload them through FTP, suitable for users familiar with development tools. Note that some themes or plug-in scripts may conflict with the compression function, and you need to thoroughly test the website functions after activation.
How to use the Transients API for caching
Jul 05, 2025 am 12:05 AM
TransientsAPI is a built-in tool in WordPress for temporarily storing automatic expiration data. Its core functions are set_transient, get_transient and delete_transient. Compared with OptionsAPI, transients supports setting time of survival (TTL), which is suitable for scenarios such as cache API request results and complex computing data. When using it, you need to pay attention to the uniqueness of key naming and namespace, cache "lazy deletion" mechanism, and the issue that may not last in the object cache environment. Typical application scenarios include reducing external request frequency, controlling code execution rhythm, and improving page loading performance.
How to use object caching for persistent storage
Jul 03, 2025 am 12:23 AM
Object cache assists persistent storage, suitable for high access and low updates, tolerating short-term lost data. 1. Data suitable for "persistence" in cache includes user configuration, popular product information, etc., which can be restored from the database but can be accelerated by using cache. 2. Select a cache backend that supports persistence such as Redis, enable RDB or AOF mode, and configure a reasonable expiration policy, but it cannot replace the main database. 3. Set long TTL or never expired keys, adopt clear key name structure such as user:1001:profile, and update the cache synchronously when modifying data. 4. It can combine local and distributed caches to store small data locally and big data Redis to store big data and use it for recovery after restart, while paying attention to consistency and resource usage issues.
How to prevent comment spam programmatically
Jul 08, 2025 am 12:04 AM
The most effective way to prevent comment spam is to automatically identify and intercept it through programmatic means. 1. Use verification code mechanisms (such as Googler CAPTCHA or hCaptcha) to effectively distinguish between humans and robots, especially suitable for public websites; 2. Set hidden fields (Honeypot technology), and use robots to automatically fill in features to identify spam comments without affecting user experience; 3. Check the blacklist of comment content keywords, filter spam information through sensitive word matching, and pay attention to avoid misjudgment; 4. Judge the frequency and source IP of comments, limit the number of submissions per unit time and establish a blacklist; 5. Use third-party anti-spam services (such as Akismet, Cloudflare) to improve identification accuracy. Can be based on the website
