Generating Dynamic Placeholders for $wpdb->prepare()

$wpdb->prepare() is often called with each un-sanitized value explicitly passed as an individual argument; for example:

    $wpdb->prepare( "SELECT id FROM wp_posts WHERE id > %d AND `post_status` = %s", $min_id, $status )

The function will also accept an array of un-sanitized values, though, like this:

    $wpdb->prepare( "SELECT id FROM wp_posts WHERE id > %d AND […]
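The array form is what makes a variable-length IN() list practical: generate one placeholder per value and pass all the values as a single array. This is an added example, not code from the original post; the function name `example_build_status_in_query` and the sample IDs are hypothetical, and the `wp_posts` table name is taken from the excerpt above.

```php
<?php
/**
 * Added example (not from the original post); the function name is hypothetical.
 * Builds a query template with one %d per ID, plus the matching argument array.
 */
function example_build_status_in_query( array $post_ids, $status ) {
    // Normalise: cast to int, keep only positive values, drop duplicates, reindex.
    $post_ids = array_values( array_unique( array_filter(
        array_map( 'intval', $post_ids ),
        function ( $id ) {
            return $id > 0;
        }
    ) ) );

    // "IN ()" is a MySQL syntax error, so signal "nothing to query" instead.
    if ( empty( $post_ids ) ) {
        return null;
    }

    // One %d per value. Only placeholder tokens are concatenated into the SQL,
    // never the values themselves.
    $placeholders = implode( ', ', array_fill( 0, count( $post_ids ), '%d' ) );

    $sql = "SELECT id FROM wp_posts WHERE `post_status` = %s AND id IN ( $placeholders )";

    // Argument order must follow placeholder order: the %s first, then each %d.
    $args = array_merge( array( $status ), $post_ids );

    return array( $sql, $args );
}

// Constructed sample input, including entries that must not reach the query.
$query = example_build_status_in_query( array( '7', 12, '12', 'abc', -3 ), 'publish' );

if ( null !== $query ) {
    list( $sql, $args ) = $query;
    if ( isset( $wpdb ) ) {
        // Inside WordPress (global scope): prepare() takes the values as one array.
        $found_ids = $wpdb->get_col( $wpdb->prepare( $sql, $args ) );
    } else {
        // Outside WordPress: show what would be handed to prepare().
        echo $sql, PHP_EOL, json_encode( $args ), PHP_EOL;
    }
}
```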
