Using 'LIKE' in sql WHERE clause...SOLVED (i think)
2 posts by 2 authors in: Forums > CMS Builder
Last Post: November 18, 2008 (RSS)
Hi Dave-
Disregard my last post about using the 'LIKE' clause...I discovered if I include
'allowSearch' => '0',, it works fine...
list($certificationsRecords, $certificationsMetaData) = getRecords(array(
'tableName' => 'certifications',
'orderBy' => 'model ASC',
'allowSearch' => '0',
'where' => "model like '%".$model."%'",
));
:-) Rick
Disregard my last post about using the 'LIKE' clause...I discovered if I include
'allowSearch' => '0',, it works fine...
list($certificationsRecords, $certificationsMetaData) = getRecords(array(
'tableName' => 'certifications',
'orderBy' => 'model ASC',
'allowSearch' => '0',
'where' => "model like '%".$model."%'",
));
:-) Rick
Re: [rcrofoot] Using 'LIKE' in sql WHERE clause...SOLVED (i think)
By Dave - November 18, 2008
Hi Rick,
Glad you got it working. Some tricks for you. You can see what query CMS Builder is trying by adding this:
'debugSql' => true,
If you look at the "WHERE" part of the query it will sometimes give you clues as to what's going on, such as when the automatic searching features are kicking in when you don't want them to.
Next, be sure to escape user submitted values like this:
'where' => "model like '%".mysql_real_escape_string($model)."%'",
to prevent "SQL Injections Attacks". Read more details here: http://en.wikipedia.org/wiki/SQL_injection
Hope that helps!
Glad you got it working. Some tricks for you. You can see what query CMS Builder is trying by adding this:
'debugSql' => true,
If you look at the "WHERE" part of the query it will sometimes give you clues as to what's going on, such as when the automatic searching features are kicking in when you don't want them to.
Next, be sure to escape user submitted values like this:
'where' => "model like '%".mysql_real_escape_string($model)."%'",
to prevent "SQL Injections Attacks". Read more details here: http://en.wikipedia.org/wiki/SQL_injection
Hope that helps!
Dave Edis - Senior Developer
interactivetools.com
interactivetools.com