Text only | Text with Images

Simple Machines Community Forum

General Community => Scripting Help => Topic started by: mickjav on September 28, 2022, 02:44:33 PM

Title: SQL Like And Single Quotes
Post by: mickjav on September 28, 2022, 02:44:33 PM
I have found while testing a search system, If I use a single quote with the below I get a error.

is there another way of doing the below so I can use single quotes

Code Select
$record = $smcFunc['htmlspecialchars']($_REQUEST['search'],ENT_QUOTES);


switch ($_REQUEST['Search_by'])
{
case '1':
$searchby = ' LIKE "' . $record . '%"';
break;

default:
$searchby = ' LIKE "%' . $record . '%"';
break;
}
mick
Title: Re: SQL Like And Single Quotes
Post by: Doug Heffernan on September 28, 2022, 03:53:25 PM
Quote from: mickjav on September 28, 2022, 02:44:33 PMIf I use a single quote with the below I get a error.

What error are you getting?
Title: Re: SQL Like And Single Quotes
Post by: mickjav on September 28, 2022, 05:32:32 PM
Quote from: Doug Heffernan on September 28, 2022, 03:53:25 PM
Quote from: mickjav on September 28, 2022, 02:44:33 PMIf I use a single quote with the below I get a error.

What error are you getting?

No direct access...

You can see for yourself using below on my test forum
https://www.databasedreams.co.uk/testing/index.php?action=music;area=artists;sa=recsearch
Text only | Text with Images