Using wildcards in prepared statement - MySQLi

无人及你 2020-11-27 23:14

I'm trying to run the following query, and I'm having trouble with the wildcard.

    function getStudents() {
        global $db;
        $users = array();

5 Answers
  • 2020-11-27 23:51

    It is the same reason that happens in C++. When you pass a value to a function which expects the argument to be a reference, you need a variable (not a temporary). So first create a variable and then pass it.

  • 2020-11-27 23:58

    Parameter #2 must be a reference, not a value. Try

    $param = '%' . $this->className . '%';
    $query->bind_param('s', $param);
    
  • 2020-11-28 00:00

    Another way to do this is:

    SELECT id, adminRights FROM users 
      WHERE classes LIKE CONCAT("%", ?, "%") && adminRights='student'
    

    This is handy in case you have a dynamic result bind and only want to change the SQL query...

  • 2020-11-28 00:03

    You have to pass parameters to bind_param() by reference, which means you have to pass a single variable (not a concatenated string). There's no reason you can't construct such a variable specifically to pass in, though:

    $className = '%' . $this->className . '%';
    $query->bind_param('s', $className);
    
  • 2020-11-28 00:13

    The existing answers didn't work for me so this is what I used instead:

    $sql = mysql_query("SELECT * FROM `products` WHERE `product_title` LIKE '$userInput%'") or die(mysql_error());
    

    And it works all the time.

    And just to top it all, I just tried the simplest form and it worked

    $sql = "SELECT * FROM `products` WHERE `product_title` LIKE '%".$userInput."%'";
    

    I hope this helps

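The bound-wildcard approach from the answers above, written out as one function. This is an added example, not code from the thread, and it goes one step further than the answers by escaping `%` and `_` in the input so they match literally; unlike the concatenated queries in the last answer, the input never becomes part of the SQL text. The `users` table and its columns come from the query in the third answer; `escapeLike()`, `findStudentsByClass()` and the `!` escape character are assumptions made for illustration.

```php
<?php
// Added example, not code from the thread. The users table and its columns
// come from the query in the third answer; the function names and the '!'
// escape character are assumptions chosen for illustration.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // fail loudly

/** Escape LIKE metacharacters so the input is matched literally. */
function escapeLike(string $value): string
{
    // '!' is declared as the escape character in the query below, so it
    // must be escaped itself, along with the % and _ wildcards.
    return strtr($value, ['!' => '!!', '%' => '!%', '_' => '!_']);
}

/** Return id/adminRights rows for students whose classes contain $className. */
function findStudentsByClass(mysqli $db, string $className): array
{
    $stmt = $db->prepare(
        "SELECT id, adminRights FROM users
          WHERE classes LIKE ? ESCAPE '!' AND adminRights = 'student'"
    );

    // bind_param() takes its arguments by reference, so the pattern is
    // built in a variable first; an expression cannot be passed directly.
    $pattern = '%' . escapeLike($className) . '%';
    $stmt->bind_param('s', $pattern);
    $stmt->execute();

    $stmt->bind_result($id, $adminRights);
    $rows = [];
    while ($stmt->fetch()) {
        $rows[] = ['id' => $id, 'adminRights' => $adminRights];
    }
    $stmt->close();
    return $rows;
}

// Constructed inputs: the helper can be checked without a database.
foreach (['Math 101', '100%', 'a_b', 'wow!'] as $input) {
    printf("%-10s => %s\n", $input, '%' . escapeLike($input) . '%');
}
```

With an open `mysqli` connection in `$db`, call it as `findStudentsByClass($db, $this->className)`.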