Building a SQL query with LIKE and 's

  • Thread starter Thread starter Anonymous
  • Start date Start date
Have you tried echo'ing out the dynamically produced query and executing it on the SQL server (through some method other than utilizing your PHP server)

Sometimes actually reading through the query once it is completely generated helps ascertain what is incorrect about it. From your description (and no knowledge about the content or structure of your database) your query looks correct and the type of slashes should not be causing the problem.

All of this is assuming that you are, as you say, not a complete idiot.
 
After smoking a huge blunt, and taking a couple of vicadine, I think I know what the issue is.

IF your variable that you're doing the search on as a tick or a back-tick in the variable, that will end the "string" to search for, but that leaves one open tick left, and then the script bombs.

$variable = addslashes($variable);

before your query and see if that makes the difference.
 
So just to clarify...

The query shows up as:
Code:
SELECT * FROM dbname WHERE field LIKE \'a%\'

When you use addslashes OR does it happen when you don't use addslashes.

If the latter is the case it seems like your server utilizes magic quotes or something of the sort. In which case you would need to use "stripslashes()" and it should work.
 
Back
Top