WordPress.org

Ready to get started?Download WordPress

Codex

Class Reference/wpdb

Contents

Interfacing With the Database

WordPress provides a class of functions for all database manipulations. The class is called wpdb and is loosely based on the ezSQL class written and maintained by Justin Vincent.

Using the $wpdb Object

Methods in the wpdb() class should not be called directly. Use the global $wpdb object instead!

WordPress provides a global variable, $wpdb, which is an instantiation of the class already set up to talk to the WordPress database. Always use the global $wpdb variable. (Remember to globalize $wpdb before using it in any custom functions.)

The $wpdb object can be used to read data from any table in the WordPress database (such as custom plugin tables), not just the standard tables that WordPress creates. For example to SELECT some information from a custom table called "mytable", you can do the following.

$myrows = $wpdb->get_results( "SELECT id, name FROM mytable" );

The $wpdb object can talk to any number of tables, but only one database: the WordPress database. In the rare case you need to connect to another database, you will have to instantiate your own object from the wpdb class with the appropriate connection details. For extremely complicated setups with many databases, consider using hyperdb instead.

Run Any Query on the Database

The query function allows you to execute any SQL query on the WordPress database. It is best to use a more specific function (see below), however, for SELECT queries.

 <?php $wpdb->query('query'); ?> 

query 
(string) The SQL query you wish to execute.

The function returns an integer corresponding to the number of rows affected/selected. If there is a MySQL error, the function will return FALSE. For CREATE, ALTER, TRUNCATE and DROP SQL statements, this function returns true. (Note: since both 0 and FALSE can be returned, make sure you use the correct comparison operator: equality == vs. identicality ===).

Note: As with all functions in this class that execute SQL queries, you must SQL escape all inputs (e.g., esc_sql($user_entered_data_string) or $wpdb->prepare( 'query' , value_parameter[, value_parameter ... ] );). See the section entitled Protect Queries Against SQL Injection Attacks below.

Examples

Delete the 'gargle' meta key and value from Post 13. (We'll add the 'prepare' method to make sure we're not dealing with an illegal operation or any illegal characters):

$wpdb->query( 
	$wpdb->prepare( 
		"
                DELETE FROM $wpdb->postmeta
		 WHERE post_id = %d
		 AND meta_key = %s
		",
	        13, 'gargle' 
        )
);

Performed in WordPress by delete_post_meta().


Set the parent of Page 15 to Page 7.

$wpdb->query(
	"
	UPDATE $wpdb->posts 
	SET post_parent = 7
	WHERE ID = 15 
		AND post_status = 'static'
	"
);

SELECT a Variable

The get_var function returns a single variable from the database. Though only one variable is returned, the entire result of the query is cached for later use. Returns NULL if no result is found.

 <?php $wpdb->get_var'query'column_offsetrow_offset ); ?> 

query 
(string) The query you wish to run. Setting this parameter to null will return the specified variable from the cached results of the previous query.
column_offset 
(integer) The desired column (0 being the first). Defaults to 0.
row_offset 
(integer) The desired row (0 being the first). Defaults to 0.

Examples

Retrieve and display the number of users.

<?php
$user_count = $wpdb->get_var( "SELECT COUNT(*) FROM $wpdb->users" );
echo "<p>User count is {$user_count}</p>";
?>

Retrieve and display the sum of a Custom Field value.

<?php
// set the meta_key to the appropriate custom field meta key
$meta_key = 'miles';
$allmiles = $wpdb->get_var( $wpdb->prepare( 
	"
		SELECT sum(meta_value) 
		FROM $wpdb->postmeta 
		WHERE meta_key = %s
	", 
	$meta_key
) );
echo "<p>Total miles is {$allmiles}</p>";
?> 

SELECT a Row

To retrieve an entire row from a query, use get_row. The function can return the row as an object, an associative array, or as a numerically indexed array. If more than one row is returned by the query, only the specified row is returned by the function, but all rows are cached for later use. Returns NULL if no result is found, consider this when using the returned value in arguments, see example below.

 <?php $wpdb->get_row('query'output_typerow_offset); ?> 

query 
(string) The query you wish to run.
output_type 
One of three pre-defined constants. Defaults to OBJECT.
  • OBJECT - result will be output as an object.
  • ARRAY_A - result will be output as an associative array.
  • ARRAY_N - result will be output as a numerically indexed array.
row_offset 
(integer) The desired row (0 being the first). Defaults to 0.

Examples

Get all the information about Link 10.

$mylink = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = 10");

The properties of the $mylink object are the column names of the result from the SQL query (in this example all the columns from the $wpdb->links table, but you could also query for specific columns only).

echo $mylink->link_id; // prints "10"

In contrast, using

$mylink = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = 10", ARRAY_A);

would result in an associative array:

echo $mylink['link_id']; // prints "10"

and

$mylink = $wpdb->get_row("SELECT * FROM $wpdb->links WHERE link_id = 10", ARRAY_N);

would result in a numerically indexed array:

echo $mylink[1]; // prints "10"

If there is no record with ID 10 in the links table, null will be returned. The following would then be false:

if ($mylink != null) {
  // do something with the link 
  return true;
} else {
  // no link found
  return false;
}

SELECT a Column

To SELECT a column, use get_col. This function outputs a one dimensional array. If more than one column is returned by the query, only the specified column will be returned by the function, but the entire result is cached for later use. Returns an empty array if no result is found.

 <?php $wpdb->get_col'query'column_offset ); ?> 

query 
(string) the query you wish to execute. Setting this parameter to null will return the specified column from the cached results of the previous query.
column_offset 
(integer) The desired column (0 being the first). Defaults to 0.

Examples

For this example, assume the blog is devoted to information about automobiles. Each post describes a particular car (e.g. 1969 Ford Mustang), and three Custom Fields, manufacturer, model, and year, are assigned to each post. This example will display the post titles, filtered by a particular manufacturer (Ford), and sorted by model and year.

The get_col form of the wpdb Class is used to return an array of all the post ids meeting the criteria and sorted in the correct order. Then a foreach construct is used to iterate through that array of post ids, displaying the title of each post. Note that the SQL for this example was created by Andomar.

<?php 
$meta_key1		= 'model';
$meta_key2		= 'year';
$meta_key3		= 'manufacturer';
$meta_key3_value	= 'Ford';

$postids=$wpdb->get_col( $wpdb->prepare( 
	"
	SELECT      key3.post_id
	FROM        $wpdb->postmeta key3
	INNER JOIN  $wpdb->postmeta key1 
	            ON key1.post_id = key3.post_id
	            AND key1.meta_key = %s 
	INNER JOIN  $wpdb->postmeta key2
	            ON key2.post_id = key3.post_id
	            AND key2.meta_key = %s
	WHERE       key3.meta_key = %s 
	            AND key3.meta_value = %s
	ORDER BY    key1.meta_value, key2.meta_value
	",
	$meta_key1, 
	$meta_key2, 
	$meta_key3, 
	$meta_key3_value
) ); 

if ( $postids ) 
{
	echo "List of {$meta_key3_value}(s), sorted by {$meta_key1}, {$meta_key2}";
	foreach ( $postids as $id ) 
	{ 
		$post = get_post( intval( $id ) );
		setup_postdata( $post );
		?>
		<p>
			<a href="<?php the_permalink() ?>" rel="bookmark" title="Permanent Link to <?php the_title_attribute(); ?>">
				<?php the_title(); ?>
			</a>
		</p>
		<?php
	} 
}
?>

This example lists all posts that contain a particular custom field, but sorted by the value of a second custom field.

<?php
// List all posts with custom field Color, sorted by the value of custom field Display_Order
// does not exclude any 'post_type'
// assumes each post has just one custom field for Color, and one for Display_Order
$meta_key1 = 'Color';
$meta_key2 = 'Display_Order';

$postids = $wpdb->get_col( $wpdb->prepare( 
	"
	SELECT      key1.post_id
	FROM        $wpdb->postmeta key1
	INNER JOIN  $wpdb->postmeta key2
	            ON key2.post_id = key1.post_id
	            AND key2.meta_key = %s
	WHERE       key1.meta_key = %s
	ORDER BY    key2.meta_value+(0) ASC
	",
        $meta_key2,
	$meta_key1
) ); 

if ( $postids ) 
{
	echo "List of {$meta_key1} posts, sorted by {$meta_key2}";
	foreach ( $postids as $id ) 
	{
		$post = get_post( intval( $id ) );
		setup_postdata( $post );
		?>
		<p>
			<a href="<?php the_permalink() ?>" rel="bookmark" title="Permanent Link to <?php the_title_attribute(); ?>">
				<?php the_title(); ?>
			</a>
		</p>
		<?php
	}
}
?>

SELECT Generic Results

Generic, mulitple row results can be pulled from the database with get_results. The function returns the entire query result as an array, or NULL on no result. Each element of this array corresponds to one row of the query result and, like get_row, can be an object, an associative array, or a numbered array.

 <?php $wpdb->get_results'query'output_type ); ?> 

query 
(string) The query you wish to run. Setting this parameter to null will return the data from the cached results of the previous query.
output_type 
One of four pre-defined constants. Defaults to OBJECT. See SELECT a Row and its examples for more information.
  • OBJECT - result will be output as a numerically indexed array of row objects.
  • OBJECT_K - result will be output as an associative array of row objects, using first column's values as keys (duplicates will be discarded).
  • ARRAY_A - result will be output as an numerically indexed array of associative arrays, using column names as keys.
  • ARRAY_N - result will be output as a numerically indexed array of numerically indexed arrays.

Since this function uses the $wpdb->query() function all the class variables are properly set. The results count for a 'SELECT' query will be stored in $wpdb->num_rows.

Examples

Get the IDs and Titles of all the Drafts by User 5 and echo the Titles.

$fivesdrafts = $wpdb->get_results( 
	"
	SELECT ID, post_title 
	FROM $wpdb->posts
	WHERE post_status = 'draft' 
		AND post_author = 5
	"
);

foreach ( $fivesdrafts as $fivesdraft ) 
{
	echo $fivesdraft->post_title;
}

Get all information on the Drafts by User 5.

<?php
$fivesdrafts = $wpdb->get_results( 
	"
	SELECT * 
	FROM $wpdb->posts
	WHERE post_status = 'draft' 
		AND post_author = 5
	"
);

if ( $fivesdrafts )
{
	foreach ( $fivesdrafts as $post )
	{
		setup_postdata( $post );
		?>
		<h2>
			<a href="<?php the_permalink(); ?>" rel="bookmark" title="Permalink: <?php the_title(); ?>">
				<?php the_title(); ?>
			</a>
		</h2>
		<?php
	}	
}
else
{
	?>
	<h2>Not Found</h2>
	<?php
}
?>

INSERT rows

Insert a row into a table.

 <?php $wpdb->insert$table$data$format ); ?> 

table 
(string) The name of the table to insert data into.
data 
(array) Data to insert (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped).
format 
(array|string) (optional) An array of formats to be mapped to each of the value in $data. If string, that format will be used for all of the values in $data. If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types.

Possible format values: %s as string; %d as integer (whole number); and %f as float. (See below for more information.)

After insert, the ID generated for the AUTO_INCREMENT column can be accessed with:

$wpdb->insert_id

This function returns false if the row could not be inserted.

Please note: The value portion of the data parameter's column=>value pairs must be scalar. If you pass an array (or object) as a value to be inserted you will generate a warning similar to "mysql_real_escape_string() expects parameter 1 to be string, array given on line 880 in file /var/www/html/wp-includes/wp-db.php".

Examples

Insert two columns in a row, the first value being a string and the second a number:

$wpdb->insert( 
	'table', 
	array( 
		'column1' => 'value1', 
		'column2' => 123 
	), 
	array( 
		'%s', 
		'%d' 
	) 
);

REPLACE row

Replace a row in a table if it exists or insert a new row in a table if the row did not already exist.

 <?php $wpdb->replace$table$data$format ); ?> 

table 
(string) The name of the table to replace data in.
data 
(array) Data to replace (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped).
format 
(array|string) (optional) An array of formats to be mapped to each of the value in $data. If string, that format will be used for all of the values in $data. If omitted, all values in $data will be treated as strings unless otherwise specified in wpdb::$field_types.

Possible format values: %s as string; %d as integer (whole number); and %f as float. (See below for more information.)

After replace, the ID generated for the AUTO_INCREMENT column can be accessed with:

$wpdb->insert_id

This function returns a count to indicate the number of rows affected. This is the sum of the rows deleted and inserted. If the count is 1 for a single-row REPLACE, a row was inserted and no rows were deleted. If the count is greater than 1, one or more old rows were deleted before the new row was inserted. It is possible for a single row to replace more than one old row if the table contains multiple unique indexes and the new row duplicates values for different old rows in different unique indexes.

This function returns false if an existing row could not be replaced and a new row could not be inserted.

Examples

Replace a row, the first value being the row id, the second a string and the third a number:

$wpdb->replace( 
	'table', 
	array( 
                'indexed_id' => 1,
		'column1' => 'value1', 
		'column2' => 123 
	), 
	array( 
                '%d',
		'%s', 
		'%d' 
	) 
);

UPDATE rows

Update a row in the table. Returns false if errors, or the number of rows affected if successful.

 <?php $wpdb->update$table$data$where$format null$where_format null ); ?> 

table 
(string) The name of the table to update.
data 
(array) Data to update (in column => value pairs). Both $data columns and $data values should be "raw" (neither should be SQL escaped). This means that if you are using GET or POST data you may need to use stripslashes() to avoid slashes ending up in the database.
where 
(array) A named array of WHERE clauses (in column => value pairs). Multiple clauses will be joined with ANDs. Both $where columns and $where values should be "raw".
format 
(array|string) (optional) An array of formats to be mapped to each of the values in $data. If string, that format will be used for all of the values in $data.
where_format 
(array|string) (optional) An array of formats to be mapped to each of the values in $where. If string, that format will be used for all of the items in $where.

Possible format values: %s as string; %d as integer (whole number) and %f as float. (See below for more information.) If omitted, all values in $where will be treated as strings.

This function returns the number of rows updated, or false if there is an error.

Examples

Update a row, where the ID is 1, the value in the first column is a string and the value in the second column is a number:

$wpdb->update( 
	'table', 
	array( 
		'column1' => 'value1',	// string
		'column2' => 'value2'	// integer (number) 
	), 
	array( 'ID' => 1 ), 
	array( 
		'%s',	// value1
		'%d'	// value2
	), 
	array( '%d' ) 
);

Attention: %d can't deal with comma values - if you're not using full numbers, use string/%s.

DELETE Rows

The delete function was added in WordPress 3.4.0, and can be used to delete rows from a table. The usage is very similar to update and insert. It returns the number of rows updated, or false on error.

Usage

<?php $wpdb->delete$table$where$where_format null ); ?>

Parameters

$table
(string) (required) Table name.
Default: None
$where
(array) (required) A named array of WHERE clauses (in column -> value pairs). Multiple clauses will be joined with ANDs. Both $where columns and $where values should be 'raw'.
Default: None
$where_format
(string/array) (optional) An array of formats to be mapped to each of the values in $where. If a string, that format will be used for all of the items in $where. A format is one of '%d', '%f', '%s' (integer, float, string; see below for more information). If omitted, all values in $where will be treated as strings unless otherwise specified in wpdb::$field_types.
Default: null

Examples

// Default usage.
$wpdb->delete( 'table', array( 'ID' => 1 ) );

// Using where formatting.
$wpdb->delete( 'table', array( 'ID' => 1 ), array( '%d' ) );

Protect Queries Against SQL Injection Attacks

For a more complete overview of SQL escaping in WordPress, see database Data Validation. That Data Validation article is a must-read for all WordPress code contributors and plugin authors.

Briefly, though, all data in SQL queries must be SQL-escaped before the SQL query is executed to prevent against SQL injection attacks. This can be conveniently done with the prepare method, which supports both a sprintf()-like and vsprintf()-like syntax.

Please note: As of 3.5, wpdb::prepare() enforces a minimum of 2 arguments. [more info]

<?php $sql = $wpdb->prepare( 'query' , value_parameter[, value_parameter ... ] ); ?>
query 
(string) The SQL query you wish to execute, with placeholders (see below).
value_parameter 
(int|string|array) The value to substitute into the placeholder. Many values may be passed by simply passing more arguments in a sprintf()-like fashion. Alternatively the second argument can be an array containing the values as in PHP's vsprintf() function. Care must be taken not to allow direct user input to this parameter, which would enable array manipulation of any query with multiple placeholders. Values must not already be SQL-escaped.

Placeholders

The query parameter for prepare accepts sprintf()-like placeholders. The %s (string), %d (integer) and %f (float) formats are supported. (The %s and %d placeholders have been available since the function was added to core in Version 2.3, %f has only been available since Version 3.3.) Any other % characters may cause parsing errors unless they are escaped. All % characters inside SQL string literals, including LIKE wildcards, must be double-% escaped as %%. All of %d, %f, and %s are to be left unquoted in the query string. Note that the %d placeholder only accepts integers, so you can't pass numbers that have comma values via %d. If you need comma values, use %s instead.

Examples

Add Meta key => value pair "Harriet's Adages" => "WordPress' database interface is like Sunday Morning: Easy." to Post 10.

$metakey	= "Harriet's Adages";
$metavalue	= "WordPress' database interface is like Sunday Morning: Easy.";

$wpdb->query( $wpdb->prepare( 
	"
		INSERT INTO $wpdb->postmeta
		( post_id, meta_key, meta_value )
		VALUES ( %d, %s, %s )
	", 
        10, 
	$metakey, 
	$metavalue 
) );

Performed in WordPress by add_meta().

The same query using vsprintf()-like syntax.

$metakey = "Harriet's Adages";
$metavalue = "WordPress' database interface is like Sunday Morning: Easy.";

$wpdb->query( $wpdb->prepare( 
	"
		INSERT INTO $wpdb->postmeta
		( post_id, meta_key, meta_value )
		VALUES ( %d, %s, %s )
	", 
        array(
		10, 
		$metakey, 
		$metavalue
	) 
) );

Note that in this example we pack the values together in an array. This can be useful when we don't know the number of arguments we need to pass until runtime.

Notice that you do not have to worry about quoting strings. Instead of passing the variables directly into the SQL query, use a %s placeholder for strings, a %d placedolder for integers, and a %f as a placeholder for floats. You can pass as many values as you like, each as a new parameter in the prepare() method.

Show and Hide SQL Errors

You can turn error echoing on and off with the show_errors and hide_errors, respectively.

 <?php $wpdb->show_errors(); ?> 
 <?php $wpdb->hide_errors(); ?> 

You can also print the error (if any) generated by the most recent query with print_error.

 <?php $wpdb->print_error(); ?> 

Note: If you are running WordPress Multisite, you must define the DIEONDBERROR constant for database errors to display like so:
 <?php define'DIEONDBERROR'true ); ?> 

Getting Column Information

You can retrieve information about the columns of the most recent query result with get_col_info. This can be useful when a function has returned an OBJECT whose properties you don't know. The function will output the desired information from the specified column, or an array with information on all columns from the query result if no column is specified.

 <?php $wpdb->get_col_info('type'offset); ?> 

type 
(string) What information you wish to retrieve. May take on any of the following values (list taken from the ezSQL docs). Defaults to name.
  • name - column name. Default.
  • table - name of the table the column belongs to
  • max_length - maximum length of the column
  • not_null - 1 if the column cannot be NULL
  • primary_key - 1 if the column is a primary key
  • unique_key - 1 if the column is a unique key
  • multiple_key - 1 if the column is a non-unique key
  • numeric - 1 if the column is numeric
  • blob - 1 if the column is a BLOB
  • type - the type of the column
  • unsigned - 1 if the column is unsigned
  • zerofill - 1 if the column is zero-filled
offset 
(integer) Specify the column from which to retrieve information (with 0 being the first column). Defaults to -1.
  • -1 - Retrieve information from all columns. Output as array. Default.
  • Non-negative integer - Retrieve information from specified column (0 being the first).

Clearing the Cache

You can clear the SQL result cache with flush.

 <?php $wpdb->flush(); ?> 

This clears $wpdb->last_result, $wpdb->last_query, and $wpdb->col_info.

Class Variables

$show_errors 
Whether or not Error echoing is turned on. Defaults to TRUE.
$num_queries 
The number of queries that have been executed.
$last_query 
The most recent query to have been executed.
$last_error 
The most recent error text generated by MySQL.
$queries 
You may save all of the queries run on the database and their stop times by setting the SAVEQUERIES constant to TRUE (this constant defaults to FALSE). If SAVEQUERIES is TRUE, your queries will be stored in this variable as an array.
$last_result 
The most recent query results.
$col_info 
The column information for the most recent query results. See Getting Column Information.
$insert_id 
ID generated for an AUTO_INCREMENT column by the most recent INSERT query.
$num_rows 
The number of rows returned by the last query.
$prefix 
The assigned WordPress table prefix for the site.
$base_prefix 
The original prefix as defined in wp-config.php. For multi-site: Use if you want to get the prefix without the blog number appended.

Multi-Site Variables

If you are using Multi-Site, you also have access to the following:

$blogid 
The id of the current site (blog).
$siteid 
The id of the current network (formerly "site"). WordPress currently only supports one network per multi-site install, but that could change in future. See the following for more information:

Tables

The WordPress database tables are easily referenced in the wpdb class.

$posts 
The table of Posts.
$postmeta 
The Meta Content (a.k.a. Custom Fields) table.
$comments 
The Comments table.
$commentmeta 
The table contains additional comment information.
$terms 
The terms table contains the 'description' of Categories, Link Categories, Tags.
$term_taxonomy 
The term_taxonomy table describes the various taxonomies (classes of terms). Categories, Link Categories, and Tags are taxonomies.
$term_relationships 
The term relationships table contains link between the term and the object that uses that term, meaning this file point to each Category used for each Post.
$users 
The table of Users.
$usermeta 
The usermeta table contains additional user information, such as nicknames, descriptions and permissions.
$links 
The table of Links.
$options 
The Options table.

Multisite Tables

These tables are used only in multisite installations.

$blogs 
The Blogs table contains a list of the separate blogs (sites) that have been set up within the network(s).
$signups 
The Signups table.
$site 
The Site table contains a list of the networks (previously known as "sites" in WPMU) that are set up in the installation (usually there is only one site listed in this table).
$sitemeta 
The Network Options (Site Meta) table contains any options that are applicable to the entire multisite installation.
$sitecategories 
The Site Categories table.
$registration_log 
The Registration Log table.
$blog_versions 
The Blog Versions table.

Source File

wpdb() is located in wp-includes/wp-db.php.

Related

Articles

Code Documentation

  • Class: WP_Query - Detailed Overview of class WP_Query
  • Object: $wpdb - Overview on the use of the $wpdb object
  • Function: get_query_var()
  • Function: query_posts() - Create additional custom query
  • Function: get_post() - Take an ID of an item and return the records in the database for that article
  • Function: get_posts() - A specialized function that returns an array of items
  • Function: get_pages() - A specialized function that returns an array of pages
  • Function: have posts() - a condition that determines whether the query returned an article
  • Function: the_post() - Used to automatically set the loop after a query
  • Function: rewind_posts() - Clears the current loop
  • Function: setup_postdata() - Sets the data for a single query result within a loop
  • Function: wp_reset_postdata() - Restores the previous query (usually after a loop within another loop)
  • Function: wp_reset_query()
  • Function: is_main_query() - Ensures that the query that is being changed is only the main query
  • Action Hook: pre_get_posts - Change WordPress queries before they are executed
  • Action Hook: the_post - Modify the post object after query
  • Filter Hook: found_posts - Changes the value of the object found_posts WP_Query
See also index of Class Reference and index of Function Reference.