Jump to content

PHP variable in a Query with like condition syntax question


phppaper

Recommended Posts

I have a query:

 

$query ="select * FROM telephone_admin where name Like ' ".$_GET['answer']." ' ";

 

I would like to add % before and after so that the query will search for result which contains the PHP variable $_GET['answer'] before or after,

 

but the problem is how can I add % before or after ' ".$_GET['answer']." ' within the query??

 

Thanks!

$query ="select * FROM telephone_admin where name Like '%" . $_GET['answer'] . "% ' ";

 

You should not use the $_GET array directly within a query like that either. see mysql_real_escape_string and make sure you sanatize user inputted data.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.