I am using the below wpdb->prepare function in a sql statement. I am passing in several variables some field names and some values. When I try to use the %s for the field name it puts single quotes around it. How can I prevent the single quotes around the field name? The sql statement will not execute with the single quotes?
$query = $wpdb->prepare("SELECT DISTINCT wp_geo.%s, wp_geo.$field2
FROM wp_geo
WHERE wp_geo.$field3=%s",$field1, $typevalue);
Output with single quotes around ‘county_short’ field name:
SELECT DISTINCT wp_geo.'county_short', wp_geo.county_slug FROM wp_geo WHERE wp_geo.type="trailers"
3 Answers
You cannot suppress the quotes in $wpdb. Run mysqli_real_escape_string() in your script on these variables.
