In SQLITE3, how do I make SQL escape in the Like clause?

I want to run LIKE queries in sqlite3 and safely escape user input. Basically, I want to do something like this:

< /p>

char* query = "SELECT * FROM table WHERE LOWER(notes) LIKE'%?%'";
sqlite3_stmt* statement;
sqlite3_prepare_v2( database, query, -1, &statement , NULL );

But? Not respected in LIKE expressions. Does anyone know how to do it?

char* query = "SELECT * FROM table WHERE LOWER(notes) LIKE'% '||? ||'%'";

But I suggest you consider using FTS3 for full text search, because your query runs hundreds of times faster than using brute force LIKE queries.

< /div>

I want to run a LIKE query in sqlite3 and safely escape the user’s input. Basically, I want to do something like this:

char* query = "SELECT * FROM table WHERE LOWER(notes) LIKE'%?%'";
sqlite3_stmt* statement;
sqlite3_prepare_v2( database, query, -1, &statement, NULL );

But? Not respected in LIKE expressions. Does anyone know how to do it?

char* query = "SELECT * FROM table WHERE LOWER(notes) LIKE'%' ||? ||'%'";< /pre> 

But I suggest you consider using FTS3 for full text search, because your query runs hundreds of times faster than using brute force LIKE queries.

WordPress database error: [Table 'yf99682.wp_s6mz6tyggq_comments' doesn't exist]
SELECT SQL_CALC_FOUND_ROWS wp_s6mz6tyggq_comments.comment_ID FROM wp_s6mz6tyggq_comments WHERE ( comment_approved = '1' ) AND comment_post_ID = 922 ORDER BY wp_s6mz6tyggq_comments.comment_date_gmt ASC, wp_s6mz6tyggq_comments.comment_ID ASC

Leave a Comment

Your email address will not be published.