Problem with a mysql query (like) and php

Question

Hi!

i'm trying to use the statement like of sql but unfortunately I get an error every time I use the query. In a php file I have:

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria 
    FROM Productos WHERE Nombre LIKE \"%$a%\"";

but i get this error:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\"%THE VALUE OF A%\"' at line 1

If i try the same statement on phpmyadmin i don't have any error. Why with php I get this error?

Thanks!

Answer 1

Use single quotes in your LIKE string instead (I believe phpMyAdmin magically converts that to single quotes for you before running the query):

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria FROM Productos WHERE Nombre LIKE '%$a%'";

Make sure you've escaped $a using mysql_real_escape_string() too, because it might be breaking your queries by introducing unescaped quotes!

Answer 2

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria 
    FROM Productos WHERE Nombre LIKE \"%"+$a+"%\"";

Answer 3

Try:

$b = "SELECT Nombre, Link, Img_Pre, Precio, Descripcion, ID, Categoria, Subcategoria FROM Productos WHERE Nombre LIKE '%$a%'";

Some SQL queries will croak if you don't use apostrophes as the string delimeter

Answer 4

WOW how fast are you guys! Thanks a lot for your help. Finally with your answer I was sure that this part of my code was correct and when Bolt said me that I have to use 'mysql_real_escape_string' I realized that in this variable I didn't use it but what it's more, I used after defining all the query. I change 'mysql_real_escape_string' from all the query to only my variable a and all gone well!

Thanks! :D