PDO search database using LIKE

Question

I am trying to make a small search function to look at database using this code:

$searchQ = 'Li';
$query = $connDB->prepare('SELECT * FROM topic WHERE topic_name LIKE '."':keywords'");
$query->bindValue('keywords', '%' . $searchQ . '%');
$query->execute();  

if (!$query->rowCount() == 0) {
    while ($results = $query->fetch()) {
        echo $results['topic_name'] . "<br />\n";
    }
} else {
    echo 'Nothing found';
}

This return all of the items in database, not just the ones that are alike,

I then ran this SQL query:

SELECT * FROM topic WHERE topic_name LIKE '%Li%';

and this ran as expected and returned the required result.

What am I missing?

Answer 1

Remove the quotes from the placeholder and add a colon before your bind reference:

$query = $connDB->prepare('SELECT * FROM topic WHERE topic_name LIKE :keywords');
$query->bindValue(':keywords', '%' . $searchQ . '%');

Here's my text example:

SQL

CREATE TABLE IF NOT EXISTS `items` (
  `id` mediumint(9) NOT NULL auto_increment,
  `name` varchar(30) NOT NULL,
  PRIMARY KEY  (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;


INSERT INTO `items` (`id`, `name`) VALUES
(1, 'apple'),
(2, 'orange'),
(3, 'grape'),
(4, 'carrot'),
(5, 'brick');

PHP

$keyword='ap';
$sql="SELECT * FROM `items` WHERE `name` LIKE :keyword;";
$q=$dbh->prepare($sql);
$q->bindValue(':keyword','%'.$keyword.'%');
$q->execute();
while ($r=$q->fetch(PDO::FETCH_ASSOC)) {
    echo"<pre>".print_r($r,true)."</pre>";
}

Output

Array
(
    [id] => 1
    [name] => apple
)
Array
(
    [id] => 3
    [name] => grape
)