I try to use <code>PDO::quote</code> to escape a string in a <code>LIKE</code> expression, so the user string must not be surrounded like in : <pre class="prettyprint"><code>LIKE "%userStringToEscape%" </code></pre> Is there a way to do that ?

<pre class="prettyprint"><code>$var = "%userStringToEscape%"; $var = $stmt->quote($var); $sql = "SELECT * FROM table WHERE field LIKE $var"; </code></pre> same goes for the prepared statements

How to use PDO::quote without getting string surrounded by quotes?

Tags:

sql

php

pdo

I try to use PDO::quote to escape a string in a LIKE expression, so the user string must not be surrounded like in :

LIKE "%userStringToEscape%"

Is there a way to do that ?

680

asked Dec 01 '11 12:12

Leto

2 Answers

$var = "%userStringToEscape%";
$var = $stmt->quote($var);
$sql = "SELECT * FROM table WHERE field LIKE $var";

same goes for the prepared statements

answered Sep 25 '22 23:09

Your Common Sense

Use substr($db->quote($var), 1, -1)

Really though, don't. You'll end up with larger problems than the ones you started with.

The clean solution to do this is, of course, $db->quote('%'.$var.'%')

answered Sep 26 '22 23:09

Tom van der Woerdt

Recent Activity
Apple Pay - authorize.net returns error 153 only when live, sandbox works
How to continue cursor loop even error occured in the loop
python find all neighbours of a given node in a list of lists
Fatal error: Call to a member function setColumn() on a non-object in Magento
Count how many of each value from a field with MySQL and PHP
Python 32-bit development on 64-bit Windows [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With