MySQL LIKE + php sprintf

陌清茗 2021-02-13 13:34
$test = sprintf("SELECT * FROM `table` WHERE `text` LIKE '%%s%'", mysql_real_escape_string('test'));

echo $test;

output:

SELECT

5 answers
  •  渐次进展
    2021-02-13 13:38

    You’re jumbling contexts. For consistency, put the things that aren't inside the SQL single quotes outside of the sprintf() format string:

    // The wildcards are added to the argument, so the format string only needs %s.
    $test = sprintf(
              "SELECT * FROM `table` WHERE "
                . "`text` LIKE '%s'",
              "%" . mysql_real_escape_string("test") . "%"
            );
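
An added example, not part of the question or the answer above: the same "contains" search with the value sent as a bound parameter and the LIKE wildcards `%` and `_` in the input escaped, which mysql_real_escape_string() does not do. The helper names `like_contains()` and `search()`, the `!` escape character and the sample rows are assumptions made here, and it uses an in-memory SQLite database through PDO (pdo_sqlite extension) so it runs without a server.

```php
<?php
// Added example, not code from the thread.

// sprintf() side: every literal percent sign in a format string is doubled,
// so a pattern with a wildcard on both sides of the value is '%%%s%%'.
$pattern = sprintf('%%%s%%', 'test');
echo $pattern, PHP_EOL;

// Hypothetical helper: turn user input into a "contains" LIKE pattern.
// The LIKE metacharacters % and _ (and the escape character itself) are
// prefixed with '!' so that they match literally.
function like_contains(string $term): string
{
    return '%' . strtr($term, ['!' => '!!', '%' => '!%', '_' => '!_']) . '%';
}

// Assumption: SQLite in memory keeps the example offline. The ESCAPE clause
// used below is also valid MySQL syntax.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE `table` (`text` TEXT)');

// Constructed sample rows.
$insert = $pdo->prepare('INSERT INTO `table` (`text`) VALUES (?)');
foreach (['a test row', '100% done', '1000 done', "o'reilly"] as $row) {
    $insert->execute([$row]);
}

// The value travels as a bound parameter, so it is never parsed as SQL text.
$select = $pdo->prepare("SELECT `text` FROM `table` WHERE `text` LIKE ? ESCAPE '!'");

function search(PDOStatement $stmt, string $term): array
{
    $stmt->execute([like_contains($term)]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

print_r(search($select, 'test'));  // plain substring search
print_r(search($select, '0% d'));  // the % in the term is matched literally, not as a wildcard
print_r(search($select, "o'r"));   // a quote in the input needs no manual escaping
```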
    
