I'm testing a small search feature:
But I've come across an error that I cannot seem to solve. You can see the PDO query here:
$search = "test1"; //later to be changes to $_POST ['search'];
$sql = "SELECT id, name FROM clients WHERE name LIKE CONCAT('%',:name,'%')";
$stm = $db->prepare ($sql);
$stm->bindParam ( ":name", $search );
$stm->execute ();
$result = $stm->fetchAll();
As you can see, I'm trying to bind the parameter %:name% from my query, but I don't know if that's actually possible?
I revieve the error: Uncaught exception 'PDOException' with message 'SQLSTATE[42000]:.....
And I can see in the error that '' has been put around test1 %'test1'%
Is what I'm trying possible, or do I need to do something like this?
$query = "SELECT id, name FROM clients WHERE name like :name order by id LIMIT 5";
$sql->execute(array(":name" => "%" .$search . "%"));
Use
LIKE CONCAT('%', :name, '%')
来源:https://stackoverflow.com/questions/27051295/pdo-use-like-in-bindparam