mattspriggs28 Posted July 13, 2010 Share Posted July 13, 2010 Hi, What is the correct syntax for creating an sql query that combines the LIKE operator with mysql_real_escape_string? The following doesn't seem to work: $sql = sprintf("Select * from " . TBL_PREFIX . "_operators where id = %s or company_name LIKE '%%s%'", mysql_real_escape_string($_POST['operator_quick_search']), mysql_real_escape_string($_POST['operator_quick_search'])); Thanks Link to comment https://forums.phpfreaks.com/topic/207597-using-like-operator-with-mysql_real_escape_string/ Share on other sites More sharing options...
PFMaBiSmAd Posted July 13, 2010 Share Posted July 13, 2010 You need to double the %% to get it to be treated as a literal % within a sprintf() - $sql = sprintf("Select * from " . TBL_PREFIX . "_operators where id = %s or company_name LIKE '%%%s%%'", Link to comment https://forums.phpfreaks.com/topic/207597-using-like-operator-with-mysql_real_escape_string/#findComment-1085350 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.