描述
You can use these SQL lookup shortcodes to extract data from any table in your WordPress database:
</p> <p>[sql]SELECT a FROM b WHERE c='d';
If a table or column name has a space or other unusual character in it, wrap it in `backticks`. If a value contains a
space or other unusual characters, wrap it in ‘single quotes’.
While I’ve taken considerable effort to prevent SQL injection attacks by escaping all other dangerous characters with esc_sql (which uses mysql_real_escape_string/mysqli_real_escape_string and addslashes), I would advise against using this plugin on a site that accepts any kind of posts or comments from untrusted sources.
评价
此插件暂无评价。
