use this one:
$selectObj->where('name LIKE ?', '%' . $var . '%');
but if you must quote on your own:
$selectObj->where('name LIKE ' . $adapter->quote('%' . $var . '%'));
With parameterization, you should not need to quote/escape things on
your own (unless for some reason you want to have the data "escaped" in
a different way b/c of your applications rules.)
What are you trying to accomplish?
-ralph
Mark Wright wrote:
I want to insert a variable into a LIKE query using zend_db_statement
but I'm not sure how to do this correctly. This doesn't work:
$selectObj->where("name LIKE '%?%'", $var );
It gives you "name LIKE '%'some text'%'". I can do this:
$selectObj->where("name LIKE ?", '%' . $var . '%' );
What I really want would be something like this:
$selectObj->where("name LIKE '%" . $adapter->escape($var) . "%'");
It makes sense to me that there should be a basic escape method like
mysql_real_escape_string(). I don't want to use any mysql functions
because we are always debating here about switching to postgresql and
if we do those mysql functions would have to come out.
Does anybody have any ideas?
Mark
