DB->sql_like doesn't like mysql

DB->sql_like doesn't like mysql

by Itamar Tzadok -
Number of replies: 5

2.2.2+

$DB->delete_records_select('user', $DB->sql_like('firstname', '?'), array('anonfirstname'))

doesn't seem to work where

$DB->delete_records_select('user', " firstname LIKE '%anonfirstname%' ")

works.

Any ideas would be appreciated. smile

Average of ratings: -
In reply to Itamar Tzadok

Re: DB->sql_like doesn't like mysql

by Edmund Edgar -

Hi Itamar.

I don't know if this is what's causing your problem, but you probably meant to put some wildcard markers in your parameter list, eg:

$DB->delete_records_select('user', $DB->sql_like('firstname', '?'), array('%anonfirstname%'))

Average of ratings: -
In reply to Edmund Edgar

Re: DB->sql_like doesn't like mysql

by Itamar Tzadok -

No I didn't mean (and haven't tried) to put some wildcards because they are disliked:

        if (strpos($param, '%') !== false) {
            debugging('Potential SQL injection detected, sql_like() expects bound parameters (? or :named)');
        }
So, it's probably not the problem. smile

Average of ratings: -
In reply to Itamar Tzadok

Re: DB->sql_like doesn't like mysql

by Edmund Edgar -

You wouldn't be passing the string containing the wildcard to sql_like(), you'd be putting it in the parameter list you're passing to delete_records_select().

Average of ratings: -
In reply to Edmund Edgar

Re: DB->sql_like doesn't like mysql

by Itamar Tzadok -

Right you are. There actually are instances of that all over but at the end of two days of struggling to make backup/restore do things it never thought it could do I was just too tired to see them. Thanks! smile

Average of ratings: -
In reply to Itamar Tzadok

Re: DB->sql_like doesn't like mysql

by Edmund Edgar -

Know the feeling. Still planning on getting backup/restore working properly on my module one of these days...

Average of ratings: Useful (1)