我有一个查询,应该检查输入的订单号,名字和职位编号,并检查它们是否与wordpress数据库中的内容匹配,但是无论我输入的是哪个职位编号,查询始终都会通过,代码本身看起来像这个:
// Taking the user input into variables
$ordernumber = $_POST['ordernmbr'];
$orderfirstname = $_POST['firstname'];
$orderpostnumber = $_POST['postnmbr'];
$page = $_POST['page'];
// Sanitizing
$ordernumber = stripslashes_deep($ordernumber);
$orderfirstname = stripslashes_deep($orderfirstname);
$orderpostnumber = stripslashes_deep($orderpostnumber);
// Query that searches for order data from db
$sql = $wpdb->prepare("SELECT post_id FROM wp_postmeta
WHERE post_id = %d AND meta_key in ('_billing_first_name', '_billing_postcode')
and meta_value in ('%s', '%d' )
group by post_id", $ordernumber, $orderfirstname, $orderpostnumber);
$res = $wpdb->get_results($sql, ARRAY_A);
我想念什么,以便还要求帖子号正确