Zach Brown Tue May 31 20:21:21 -0400 2011

Subject: Escaping Like Clause - How to do?

Hello, I was wondering if there is any way to have activerecord escape a like clause when using a ::find. Right now, the only way I have been able to do it is

$search_args['conditions'] = '`desc` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%"';

Is it possible to do it like this? I can't seem to get it to work.

$search_args['conditions'] = array('`desc` LIKE "%?%"', $_GET['search']);

Thanks!


Yoan B Wed Jun 01 03:23:25 -0400 2011

What about this?

1 $foos = Foo::find(array('conditions' => array(
2     '`desc` LIKE ?', '%'.$_GET['search'].'%',
3 )));
Maiquel Leonel Wed Jul 27 09:49:52 -0400 2011

IMHO

I implements this way:
$foos = Foo::find(array('conditions' => array( '`desc` LIKE CONCAT("%", ? ,"%")', $_GET['search'], )));
it's a better readability :P

(1-2/2)