0
0
Wordpressframework~10 mins

Direct database queries (wpdb) in Wordpress - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Concept Flow - Direct database queries (wpdb)
Start Query
Prepare SQL with placeholders
Call $wpdb->prepare()
Execute query with $wpdb->get_results() or similar
Fetch results
Use results in code
End
This flow shows how to safely prepare and run a direct database query using $wpdb in WordPress.
Execution Sample
Wordpress
$sql = $wpdb->prepare("SELECT * FROM wp_users WHERE ID = %d", 5);
$results = $wpdb->get_results($sql);
foreach ($results as $user) {
  echo $user->user_login;
}
This code prepares a query to get user with ID 5, runs it, and prints the username.
Execution Table
StepActionSQL QueryResultNotes
1Call $wpdb->prepare() with SQL and ID=5SELECT * FROM wp_users WHERE ID = 5Prepared SQL stringPlaceholder %d replaced by 5 safely
2Call $wpdb->get_results() with prepared SQLSELECT * FROM wp_users WHERE ID = 5Array of user objectsQuery executed, results fetched
3Loop over results-Access $user->user_loginUser login printed for each result
4End loop--All results processed
💡 All matching users fetched and displayed; query execution complete.
Variable Tracker
VariableStartAfter Step 1After Step 2After Step 3Final
$sqlnullSELECT * FROM wp_users WHERE ID = 5SELECT * FROM wp_users WHERE ID = 5SELECT * FROM wp_users WHERE ID = 5SELECT * FROM wp_users WHERE ID = 5
$resultsnullnull[user object with ID=5][user object with ID=5][user object with ID=5]
$usernullnullnulluser object with ID=5user object with ID=5
Key Moments - 2 Insights
Why do we use $wpdb->prepare() instead of putting the ID directly in the SQL?
Using $wpdb->prepare() safely inserts variables into SQL, preventing errors and security risks like SQL injection, as shown in step 1 of the execution_table.
What type of data does $wpdb->get_results() return?
$wpdb->get_results() returns an array of objects representing rows from the database, as seen in step 2 and variable_tracker for $results.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table step 1. What does $wpdb->prepare() do with the placeholder %d?
AReplaces %d with the number 5 safely
BIgnores %d and runs the query as is
CDeletes %d from the query
DConverts %d to a string 'd'
💡 Hint
Check the SQL Query column in step 1 of execution_table to see how %d is replaced.
At which step in the execution_table do we get the actual user data from the database?
AStep 1
BStep 2
CStep 3
DStep 4
💡 Hint
Look at the Result column to see when the array of user objects is returned.
If we changed the ID from 5 to 10 in the prepare call, what changes in the execution_table?
AThe Result in step 2 becomes empty
BThe loop in step 3 is skipped
CThe SQL Query in step 1 changes to ID = 10
DNo changes happen
💡 Hint
Focus on how $wpdb->prepare() replaces placeholders in step 1.
Concept Snapshot
Direct database queries with $wpdb:
- Use $wpdb->prepare() to safely insert variables.
- Run queries with $wpdb->get_results() or similar.
- Results come as arrays of objects.
- Always prepare queries to avoid SQL injection.
- Loop through results to use data.
Full Transcript
This lesson shows how to run direct database queries in WordPress using the $wpdb object. First, you prepare your SQL query with placeholders using $wpdb->prepare(), which safely inserts your variables. Then you execute the query with $wpdb->get_results() to get the data as an array of objects. Finally, you loop through the results to use the data, like printing usernames. This method prevents security issues and ensures your queries run correctly.