
Problem with % in parameter value

Open mawg opened this issue 8 years ago • 1 comments

Probably not a problem with the code (which I have been using for years and find to be excellent! Thank you!), but with my use of it.

My code

$sqlText = 'SELECT count(*) AS count FROM recruiters WHERE recruiter_email LIKE "%:agencyEmailDomain"';
    
$sqlParameters =  array('agencyEmailDomain' => $agencyEmailDomain);

where $agencyEmailDomain == "gmail.com"

and $expandedSqlCommand = PdoDebugger::show($sqlText, $sqlParameters);

expanded to

SELECT count(*) AS count FROM recruiters WHERE recruiter_email LIKE "%'Gmail.com'"

Notice those single quotes around the domain name?

Is there something that I can do, like escaping the % sign?

Thanks in advance for your help.

mawg • Oct 26 '17 10:10

Never mix wildcards in your prepared statement and instead use them as part of your value you are binding to the placeholder parameter like so:

See: https://stackoverflow.com/questions/16255657/pdo-prepared-statements-with-wildcards

$name = "%$name%";
$query = $dbh->prepare("SELECT * FROM gc_users WHERE name like :name");
$query->bindParam(':name', $name);
$query->execute();

maietta • Jul 15 '18 02:07
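The approach from the answer above, applied to the query in the question, as an added example that is not part of the original thread or of pdo-debug. It goes one step further than the answer by escaping LIKE metacharacters in the bound value, so a `%` or `_` supplied by a user cannot widen the match. The in-memory SQLite database, the sample rows, the helper names `likeEscape` and `countByDomain`, and the choice of `!` as escape character are assumptions.

```php
<?php
// Added example: constructed table and rows; requires the pdo_sqlite extension.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE recruiters (recruiter_email TEXT)');

$insert = $pdo->prepare('INSERT INTO recruiters (recruiter_email) VALUES (?)');
$rows = ['alice@gmail.com', 'bob@gmail.com', 'carol@example.org', 'dave@gmailXcom'];
foreach ($rows as $email) {
    $insert->execute([$email]);
}

/**
 * Hypothetical helper: escape LIKE metacharacters in an untrusted value so
 * that % and _ match literally. '!' is the escape character chosen here and
 * must be the same one named in the query's ESCAPE clause.
 */
function likeEscape(string $value): string
{
    // strtr() with an array does not re-scan its own replacements.
    return strtr($value, ['!' => '!!', '%' => '!%', '_' => '!_']);
}

function countByDomain(PDO $pdo, string $domain): int
{
    // The placeholder stands alone, outside any quotes. The leading wildcard
    // is added in PHP and travels to the database as part of the bound value.
    $stmt = $pdo->prepare(
        "SELECT count(*) AS count FROM recruiters
         WHERE recruiter_email LIKE :pattern ESCAPE '!'"
    );
    $stmt->execute([':pattern' => '%' . likeEscape($domain)]);
    return (int) $stmt->fetchColumn();
}

// Normal lookup: counts addresses ending in the given domain.
echo countByDomain($pdo, 'gmail.com'), "\n";

// Metacharacters in the input are matched literally, so these do not
// turn into "match everything" or "match any single character".
echo countByDomain($pdo, '%'), "\n";
echo countByDomain($pdo, 'gmail_com'), "\n";
```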