使用LIKE和通配符(例如％，_)进行参数化查询的正确PDO语法 [英] Proper PDO syntax for parameterized query using LIKE with wildcards (ex %, _)

问题描述

以下语法是我目前使用的语法.

The following syntax is the current syntax I have that's works.

$dbh = connect();
$singer = strtolower($_GET["singer"]);

$SQL =
      "SELECT *
        FROM table
        WHERE field1 LIKE ?
        ORDER BY field2 ASC";

$sth = $dbh-> prepare ($SQL);
$sth->bindParam (1, $singer);
$sth->execute();

我需要对代码行WHERE field1 LIKE ?进行哪些更改以使用通配符%进行查询?

What changes do I need to make to the line of code WHERE field1 LIKE ? to perform the query with the wildcard %?

我已经尝试过WHERE field1 LIKE '%?%'，但是那没用.

I've tried WHERE field1 LIKE '%?%' but that didn't work.

我是否必须先添加'%

并附加%'

要保存到$singer中的值?

推荐答案

尝试

$str = "%".$singer."%";
$SQL =
      "SELECT *
        FROM table
        WHERE field1 LIKE ?
        ORDER BY field2 ASC";

$sth = $dbh-> prepare ($SQL);
$sth->bindParam (1, $str);

参考 ==>参见第三个示例

Reference ==> see 3rd Example

这篇关于使用LIKE和通配符(例如％，_)进行参数化查询的正确PDO语法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！