chrischen Posted February 9, 2008 Share Posted February 9, 2008 Right now if I type "%" into my search box it returns everything in the databse. How do I escape it so that it searches for that sign? Quote Link to comment Share on other sites More sharing options...
toplay Posted February 9, 2008 Share Posted February 9, 2008 \% Quote Link to comment Share on other sites More sharing options...
Barand Posted February 9, 2008 Share Posted February 9, 2008 so to search for a value containing a % ...WHERE term LIKE '%\%%' Quote Link to comment Share on other sites More sharing options...
chrischen Posted February 9, 2008 Author Share Posted February 9, 2008 I tried and it still returns everything. $query = "%"; The sql query is like this sprintf("... WHERE name = %s", GetSQLValueString($query, "text") and I use the GetSQLValueString function: function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } Quote Link to comment Share on other sites More sharing options...
fenway Posted February 9, 2008 Share Posted February 9, 2008 I see no escaping. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.