How to SELECT data from a MySQL database in WordPress

A guide on how to use Prepared Statements in WordPress to query data from a MySQL database safely and effectively.

In this article, you'll learn how to use Prepared Statements in WordPress to perform SELECT statements, allowing you to query data from tables in the database securely and flexibly with multiple parameters.

global $wpdb;

// SELECT statement with Prepared Statement
$select_query = $wpdb->prepare(
    "SELECT * FROM {$wpdb->prefix}users WHERE ID = %d AND user_login = %s",
    1, 'john_doe'
);

// Execute the query
$results = $wpdb->get_results($select_query);

// Print the data
foreach ($results as $user) {
    echo 'ID: ' . $user->ID . ', Username: ' . $user->user_login . '<br>';
}

Detailed explanation:

1. global $wpdb;: Declares the global $wpdb variable to use the database access object in WordPress.
2. $select_query = $wpdb->prepare(...): Uses the prepare method of $wpdb to create a safe SELECT statement with parameters.
3. "%d" and "%s": Are placeholders for different data types (integer and string).
4. 1, 'john_doe': The parameter values that will replace the corresponding placeholders.
5. $results = $wpdb->get_results($select_query);: Executes the query and retrieves the results as an array of objects.
6. foreach ($results as $user) {...}: Loops through the results and prints each user's information.

System Requirements:

• WordPress installed on the server.
• PHP version 5.6 or higher.

How to install the libraries needed to run the PHP code above:

No additional libraries are needed as the code uses built-in WordPress functions.

Tips:

• Use Prepared Statements to protect your application from SQL injection attacks.
• Ensure you are connected to the correct database and that WordPress is activated before executing the query.