Use PHP variable in a SELECT LIKE query












0















I'm trying to execute a mysqli query using the following code:



$sql = "SELECT * FROM `table` WHERE `description` LIKE ('AB CD %')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


and this query gives me 6 results. It will only looks for items like "AB CD EF..." and not items like "AB CDEF...", which is exactly what I want.
But if I give to the LIKE value a variable like this:



$var = "AB CD ";

$sql = "SELECT * FROM `table` WHERE `description` LIKE ('$var%')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


it gives me zero results.



I have tried also several LIKE formats such ...('".$var."%')"; or CONCAT($var, '%'), but nothing.



How can get the same results as the first query usin a variable like in the sencond query?



The variable is get by a query which will select all description items and then, inside a while loop, it will look for the first Capital letters of each item:



$name = $row['description'];

$expr = '/[A-Z]*/';

preg_match_all($expr, $name, $res);

$var = implode(' ', $res[0]);


Each row has values like "AB CD EF something else in not capital letters"



Thank you.






php mysqli







share|improve this question

























  • how about $var = 'AB CD %'; ?

    – Always Sunny
    Nov 24 '18 at 16:28











  • Yes, tried, also.

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Maybe is important to refer how I get the variable. I will edit the post

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Yes that is very much important. I guess you need to escape the string also.

    – Always Sunny
    Nov 24 '18 at 16:32








  • 2





    How about using prepared statements...

    – dn Fer
    Nov 24 '18 at 16:35
















0















I'm trying to execute a mysqli query using the following code:



$sql = "SELECT * FROM `table` WHERE `description` LIKE ('AB CD %')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


and this query gives me 6 results. It will only looks for items like "AB CD EF..." and not items like "AB CDEF...", which is exactly what I want.
But if I give to the LIKE value a variable like this:



$var = "AB CD ";

$sql = "SELECT * FROM `table` WHERE `description` LIKE ('$var%')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


it gives me zero results.



I have tried also several LIKE formats such ...('".$var."%')"; or CONCAT($var, '%'), but nothing.



How can get the same results as the first query usin a variable like in the sencond query?



The variable is get by a query which will select all description items and then, inside a while loop, it will look for the first Capital letters of each item:



$name = $row['description'];

$expr = '/[A-Z]*/';

preg_match_all($expr, $name, $res);

$var = implode(' ', $res[0]);


Each row has values like "AB CD EF something else in not capital letters"



Thank you.






php mysqli







share|improve this question

























  • how about $var = 'AB CD %'; ?

    – Always Sunny
    Nov 24 '18 at 16:28











  • Yes, tried, also.

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Maybe is important to refer how I get the variable. I will edit the post

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Yes that is very much important. I guess you need to escape the string also.

    – Always Sunny
    Nov 24 '18 at 16:32








  • 2





    How about using prepared statements...

    – dn Fer
    Nov 24 '18 at 16:35














0












0








0








I'm trying to execute a mysqli query using the following code:



$sql = "SELECT * FROM `table` WHERE `description` LIKE ('AB CD %')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


and this query gives me 6 results. It will only looks for items like "AB CD EF..." and not items like "AB CDEF...", which is exactly what I want.
But if I give to the LIKE value a variable like this:



$var = "AB CD ";

$sql = "SELECT * FROM `table` WHERE `description` LIKE ('$var%')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


it gives me zero results.



I have tried also several LIKE formats such ...('".$var."%')"; or CONCAT($var, '%'), but nothing.



How can get the same results as the first query usin a variable like in the sencond query?



The variable is get by a query which will select all description items and then, inside a while loop, it will look for the first Capital letters of each item:



$name = $row['description'];

$expr = '/[A-Z]*/';

preg_match_all($expr, $name, $res);

$var = implode(' ', $res[0]);


Each row has values like "AB CD EF something else in not capital letters"



Thank you.






php mysqli







share|improve this question
















I'm trying to execute a mysqli query using the following code:



$sql = "SELECT * FROM `table` WHERE `description` LIKE ('AB CD %')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


and this query gives me 6 results. It will only looks for items like "AB CD EF..." and not items like "AB CDEF...", which is exactly what I want.
But if I give to the LIKE value a variable like this:



$var = "AB CD ";

$sql = "SELECT * FROM `table` WHERE `description` LIKE ('$var%')";

$result= mysqli_query($con, $sql) or die(mysqli_error());


it gives me zero results.



I have tried also several LIKE formats such ...('".$var."%')"; or CONCAT($var, '%'), but nothing.



How can get the same results as the first query usin a variable like in the sencond query?



The variable is get by a query which will select all description items and then, inside a while loop, it will look for the first Capital letters of each item:



$name = $row['description'];

$expr = '/[A-Z]*/';

preg_match_all($expr, $name, $res);

$var = implode(' ', $res[0]);


Each row has values like "AB CD EF something else in not capital letters"



Thank you.






php mysqli




php mysqli






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 24 '18 at 16:39







Goncalorsr

















asked Nov 24 '18 at 16:26









GoncalorsrGoncalorsr

134




134













  • how about $var = 'AB CD %'; ?

    – Always Sunny
    Nov 24 '18 at 16:28











  • Yes, tried, also.

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Maybe is important to refer how I get the variable. I will edit the post

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Yes that is very much important. I guess you need to escape the string also.

    – Always Sunny
    Nov 24 '18 at 16:32








  • 2





    How about using prepared statements...

    – dn Fer
    Nov 24 '18 at 16:35



















  • how about $var = 'AB CD %'; ?

    – Always Sunny
    Nov 24 '18 at 16:28











  • Yes, tried, also.

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Maybe is important to refer how I get the variable. I will edit the post

    – Goncalorsr
    Nov 24 '18 at 16:31











  • Yes that is very much important. I guess you need to escape the string also.

    – Always Sunny
    Nov 24 '18 at 16:32








  • 2





    How about using prepared statements...

    – dn Fer
    Nov 24 '18 at 16:35

















how about $var = 'AB CD %'; ?

– Always Sunny
Nov 24 '18 at 16:28





how about $var = 'AB CD %'; ?

– Always Sunny
Nov 24 '18 at 16:28













Yes, tried, also.

– Goncalorsr
Nov 24 '18 at 16:31





Yes, tried, also.

– Goncalorsr
Nov 24 '18 at 16:31













Maybe is important to refer how I get the variable. I will edit the post

– Goncalorsr
Nov 24 '18 at 16:31





Maybe is important to refer how I get the variable. I will edit the post

– Goncalorsr
Nov 24 '18 at 16:31













Yes that is very much important. I guess you need to escape the string also.

– Always Sunny
Nov 24 '18 at 16:32







Yes that is very much important. I guess you need to escape the string also.

– Always Sunny
Nov 24 '18 at 16:32






2




2





How about using prepared statements...

– dn Fer
Nov 24 '18 at 16:35





How about using prepared statements...

– dn Fer
Nov 24 '18 at 16:35












3 Answers
3






active

oldest

votes


















1














How about this after wrapping the variable with curly braces {}? Also I just removed the extra parenthesis () after LIKE :)



$var = "AB CD ";

$sql = "SELECT * FROM `table` WHERE `description` LIKE '{$var}%'";





share|improve this answer
























  • Yes I tried this, also.

    – Goncalorsr
    Nov 24 '18 at 16:39



















0














Well, user3783243 found the problem.
When I implode the array to get the $var in a string, for some reason I cannot explain, the array elements (a lot of them) that had no value were included. The solution was to explode the $var, pass it through the array_filter function, to delete the empty elements and implode it again.
Thank you all.






share|improve this answer































    -1














    Use :



    $var = "AB CD ";
    
$sql = "SELECT * FROM `table` WHERE `description` LIKE '".$var."%'";


    But this is a bad practice as well as highly vulnerable, use prepared statement instead : http://php.net/manual/en/book.pdo.php






    share|improve this answer
























    • That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

      – user3783243
      Nov 24 '18 at 18:06











    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53460128%2fuse-php-variable-in-a-select-like-query%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    How about this after wrapping the variable with curly braces {}? Also I just removed the extra parenthesis () after LIKE :)



    $var = "AB CD ";
    
$sql = "SELECT * FROM `table` WHERE `description` LIKE '{$var}%'";





    share|improve this answer
























    • Yes I tried this, also.

      – Goncalorsr
      Nov 24 '18 at 16:39
















    1














    How about this after wrapping the variable with curly braces {}? Also I just removed the extra parenthesis () after LIKE :)



    $var = "AB CD ";
    
$sql = "SELECT * FROM `table` WHERE `description` LIKE '{$var}%'";





    share|improve this answer
























    • Yes I tried this, also.

      – Goncalorsr
      Nov 24 '18 at 16:39














    1












    1








    1







    How about this after wrapping the variable with curly braces {}? Also I just removed the extra parenthesis () after LIKE :)



    $var = "AB CD ";
    
$sql = "SELECT * FROM `table` WHERE `description` LIKE '{$var}%'";





    share|improve this answer













    How about this after wrapping the variable with curly braces {}? Also I just removed the extra parenthesis () after LIKE :)



    $var = "AB CD ";
    
$sql = "SELECT * FROM `table` WHERE `description` LIKE '{$var}%'";






    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 24 '18 at 16:31









    Always SunnyAlways Sunny

    16.4k32847




    16.4k32847













    • Yes I tried this, also.

      – Goncalorsr
      Nov 24 '18 at 16:39



















    • Yes I tried this, also.

      – Goncalorsr
      Nov 24 '18 at 16:39

















    Yes I tried this, also.

    – Goncalorsr
    Nov 24 '18 at 16:39





    Yes I tried this, also.

    – Goncalorsr
    Nov 24 '18 at 16:39













    0














    Well, user3783243 found the problem.
    When I implode the array to get the $var in a string, for some reason I cannot explain, the array elements (a lot of them) that had no value were included. The solution was to explode the $var, pass it through the array_filter function, to delete the empty elements and implode it again.
    Thank you all.






    share|improve this answer




























      0














      Well, user3783243 found the problem.
      When I implode the array to get the $var in a string, for some reason I cannot explain, the array elements (a lot of them) that had no value were included. The solution was to explode the $var, pass it through the array_filter function, to delete the empty elements and implode it again.
      Thank you all.






      share|improve this answer


























        0












        0








        0







        Well, user3783243 found the problem.
        When I implode the array to get the $var in a string, for some reason I cannot explain, the array elements (a lot of them) that had no value were included. The solution was to explode the $var, pass it through the array_filter function, to delete the empty elements and implode it again.
        Thank you all.






        share|improve this answer













        Well, user3783243 found the problem.
        When I implode the array to get the $var in a string, for some reason I cannot explain, the array elements (a lot of them) that had no value were included. The solution was to explode the $var, pass it through the array_filter function, to delete the empty elements and implode it again.
        Thank you all.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 24 '18 at 18:22









        GoncalorsrGoncalorsr

        134




        134























            -1














            Use :



            $var = "AB CD ";
            
$sql = "SELECT * FROM `table` WHERE `description` LIKE '".$var."%'";


            But this is a bad practice as well as highly vulnerable, use prepared statement instead : http://php.net/manual/en/book.pdo.php






            share|improve this answer
























            • That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

              – user3783243
              Nov 24 '18 at 18:06
















            -1














            Use :



            $var = "AB CD ";
            
$sql = "SELECT * FROM `table` WHERE `description` LIKE '".$var."%'";


            But this is a bad practice as well as highly vulnerable, use prepared statement instead : http://php.net/manual/en/book.pdo.php






            share|improve this answer
























            • That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

              – user3783243
              Nov 24 '18 at 18:06














            -1












            -1








            -1







            Use :



            $var = "AB CD ";
            
$sql = "SELECT * FROM `table` WHERE `description` LIKE '".$var."%'";


            But this is a bad practice as well as highly vulnerable, use prepared statement instead : http://php.net/manual/en/book.pdo.php






            share|improve this answer













            Use :



            $var = "AB CD ";
            
$sql = "SELECT * FROM `table` WHERE `description` LIKE '".$var."%'";


            But this is a bad practice as well as highly vulnerable, use prepared statement instead : http://php.net/manual/en/book.pdo.php







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Nov 24 '18 at 17:57









            LabLab

            1,00489




            1,00489













            • That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

              – user3783243
              Nov 24 '18 at 18:06



















            • That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

              – user3783243
              Nov 24 '18 at 18:06

















            That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

            – user3783243
            Nov 24 '18 at 18:06





            That is the same as what the OP has. PDO can be just as secure/insecure as mysqli.

            – user3783243
            Nov 24 '18 at 18:06


















            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53460128%2fuse-php-variable-in-a-select-like-query%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Costa Masnaga

            Image
            .mw-parser-output .avviso .mbox-text-div>div,.mw-parser-output .avviso .mbox-text-full-div>div{font-size:90%}.mw-parser-output .avviso .mbox-image div{width:52px}.mw-parser-output .avviso .mbox-text-full-div .hide-when-compact{display:block} Questa voce o sezione sull'argomento Lombardia non cita le fonti necessarie o quelle presenti sono insufficienti . Puoi migliorare questa voce aggiungendo citazioni da fonti attendibili secondo le linee guida sull'uso delle fonti. Segui i suggerimenti del progetto di riferimento. Costa Masnaga comune Localizzazione Stato   Italia Regione Lombardia Provincia Lecco Amministrazione Sindaco Sabina Panzeri (Al centro il cittadino) dall'08/06/2009 Territorio Coordinate 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Coordinate: 45°46′N 9°17′E  /  45.766667°N 9.283333°E 45.766667; 9.283333  ( Costa Masnaga ) Altitudine 318 m s.l.m...
            Read more

            Fotorealismo

            Image
            Guerrino Boatto, Venice's St. Barnaba Church and canal Il fotorealismo è un genere di pittura basato sull'uso di una o più fotografie dalle quali l'artista prende le informazioni necessarie da utilizzare poi nel processo della creazione dell'opera, in genere ad olio o ad acrilico, al fine di avere un aspetto finale il più simile possibile alla fotografia. Indice 1 Storia 2 Lista dei fotorealisti 3 Note 4 Voci correlate 5 Altri progetti Storia | Il fotorealismo è un movimento che nasce negli Stati Uniti d'America alla fine degli anni sessanta [1] sulla scia della Pop Art [2] [3] [4] , e insieme condividono il carattere reazionario verso la travolgente ascesa dei media, che alla metà del ventesimo secolo si trasforma in un fenomeno di massa talmente imponente da minacciare il valore dell'immagine nell'arte. [5] [6] Ne consegue così che, colto il gesto d'inizio che fu della Pop Art, i fotorealisti aprono ad un ...
            Read more

            Sidney Franklin

            Image
            Questa voce sull'argomento registi statunitensi è solo un abbozzo . Contribuisci a migliorarla secondo le convenzioni di Wikipedia. Sidney Franklin, foto di Carl Van Vechten Oscar alla memoria Irving G. Thalberg 1943 Sidney Franklin , all'anagrafe Sidney Arnold Franklin , (San Francisco, 21 marzo 1893 – Santa Monica, 18 maggio 1972), è stato un regista, produttore cinematografico e attore statunitense. Il 20 giugno 1963, si sposò con l'attrice australiana Enid Bennett. Il matrimonio durò fino alla morte dell'attrice, il 14 maggio 1969 [1] Indice 1 Filmografia 1.1 Regista 1.2 Aiuto regia (parziale) 1.3 Produttore 1.4 Attore (parziale) 2 Note 3 Altri progetti 4 Collegamenti esterni Filmografia | Regista | The Baby , co-regia Chester M. Franklin (1915) The Rivals , co-regia Chester M. Franklin (1915) Little Dick's First Case , co-regia Chester M. Franklin (1915) Her Filmland Hero , co-...
            Read more