SQL 在 ADOdb 准备语句中使用 LIKE 时出现语法错误
SQL Syntax Error When Using LIKE in an ADOdb Prepared Statement
我正在尝试使用 ADODb 准备语句(使用 MySQLi PHP 驱动程序)在具有 LIKE '%string%' 的列中搜索:
$q_record = $DB->Prepare("
SELECT author, title
FROM books
WHERE (author LIKE '%?%' OR title LIKE '%?%')
ORDER BY submit_date
");
$record = $DB->GetAll($q_record, array( $q, $q ) ) or die($DB->ErrorMsg());
错误信息如
"You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'nano'%' OR title LIKE '%'nano'%') ORDER BY submit_date DESC ) ' at line 4"
其中 "nano" 是搜索关键字。
我怀疑我要逃避'?'但我不知道该怎么做。
简单明了:
$q_record = $DB->Prepare("
SELECT author, title
FROM books
WHERE (author LIKE CONCAT('%', ?, '%') OR title LIKE CONCAT('%', ?, '%'))
ORDER BY submit_date
");
也就是说,参数占位符?不像字符串插值那样起作用。像使用 SQL 变量一样使用它。
我正在尝试使用 ADODb 准备语句(使用 MySQLi PHP 驱动程序)在具有 LIKE '%string%' 的列中搜索:
$q_record = $DB->Prepare("
SELECT author, title
FROM books
WHERE (author LIKE '%?%' OR title LIKE '%?%')
ORDER BY submit_date
");
$record = $DB->GetAll($q_record, array( $q, $q ) ) or die($DB->ErrorMsg());
错误信息如
"You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'nano'%' OR title LIKE '%'nano'%') ORDER BY submit_date DESC ) ' at line 4"
其中 "nano" 是搜索关键字。
我怀疑我要逃避'?'但我不知道该怎么做。
简单明了:
$q_record = $DB->Prepare("
SELECT author, title
FROM books
WHERE (author LIKE CONCAT('%', ?, '%') OR title LIKE CONCAT('%', ?, '%'))
ORDER BY submit_date
");
也就是说,参数占位符?不像字符串插值那样起作用。像使用 SQL 变量一样使用它。