I am using the below wpdb->prepare function in a sql statement. I am passing in several variables some field names and some values. When I try to use the %s for the field name it puts single quotes around it. How can I prevent the single quotes around the field name? The sql statement will not execute with the single quotes?
$query = $wpdb->prepare("SELECT DISTINCT wp_geo.%s, wp_geo.$field2
FROM wp_geo
WHERE wp_geo.$field3=%s",$field1, $typevalue);
Output with single quotes around ‘county_short’ field name:
SELECT DISTINCT wp_geo.'county_short', wp_geo.county_slug FROM wp_geo WHERE wp_geo.type='trailers'
You cannot suppress the quotes in $wpdb. Run
mysqli_real_escape_string()in your script on these variables.You can use %1s which excludes single quotes wrapper.
By using %1s, you will note that the string won’t be having single quotes and you will get the values directly as needed.
Note: Here, the sequence should follow for %1s and the variable you are providing after the query.
You can’t use prepare() on column names, only on values.