How to search whole sentence form mysql database?

Question

This is my code

 $question = "What is your Name";
    $query = "SELECT * FROM `def_questions` where `question` LIKE '$question' ";

it does not retun the exact result I need exact ( What is Your Name ) will some body help me to do this.

Thanks in Advance !

the same word for word and caps? What is the content of `question` column? — hungrykoala, May 03 '18 at 07:16
If you use this query in MySQL, does it work? Is there a row with the **exact** question? — Nico Haase, May 03 '18 at 07:27
^ it matters if we know if the questions you need are on the list word for word. — hungrykoala, May 03 '18 at 07:28
Give [this](https://www.w3schools.com/sql/sql_like.asp) a read on how to use LIKE since you've used it in your question. — hungrykoala, May 03 '18 at 07:30

Bhawesh Chandola · Answer 1 · 2018-05-04T10:30:15.027

1

Try adding '%' before and after your variable as shown below.

$question = "What is your Name";
$query = "SELECT * FROM `def_questions` where `question` LIKE '%$question%' ";

EDIT To prevent SQL injection just do this:

$question = mysql_real_escape_string($question);

edited May 04 '18 at 10:30

answered May 03 '18 at 07:18

Bhawesh Chandola

511
5
19

It gives the blank Array ! – Sajid Mehmood May 03 '18 at 07:23
@SajidMehmood then I guess your database structure is different can provide your database structure and some rows maybe? – Bhawesh Chandola May 03 '18 at 07:27
In phpmyadmin it working fine but when use query in php give no result – Sajid Mehmood May 03 '18 at 07:31
@Sajid Mehmood Could you show us your complete code? If you said it does work in phpmyadmin console then perhaps the problems occur in your php code. – CK Wong May 03 '18 at 07:32
Yes, if it is working fine on phpmyadmin then there is something wrong in your php code. As, the query works fine. – Bhawesh Chandola May 03 '18 at 07:34

score 1 · Accepted Answer · answered May 03 '18 at 08:06

1

 $question = rtrim(ltrim(strip_tags(What is your Name)));
$query = "SELECT * FROM `def_questions` where `question` LIKE '%$question%' ";

answered May 03 '18 at 08:06

Sajid Mehmood

483
2
6
18

score 1 · Answer 3 · answered May 03 '18 at 21:52

Your code may be vulnerable for SQL Injection. You should use prepared statements for passing values to query:

$questions = Yii::$app->db
    ->createCommand("SELECT * FROM `def_questions` where `question` LIKE :question", [
        ':question' => "%$question%",
    ])
    ->queryAll();

Note that you should also escape some special characters from searched value, to make it work correctly with LIKE operator (for example treat % as % instead of "anything", see How to use a percent (%) in a LIKE without it being treated as a wildcard?):

$question = strtr($question, [
    '%' => '\%',
    '_' => '\_',
    '\\' => '\\\\',
]);
$questions = Yii::$app->db
    ->createCommand("SELECT * FROM `def_questions` where `question` LIKE :question", [
        ':question' => "%$question%",
    ])
    ->queryAll();

The easiest way to do the whole thing is probably by using Query:

$questions = (new \yii\db\Query())
    ->from('def_questions')
    ->where(['like', 'question', $question])
    ->all();

Query will do escaping for you and will return results for SQL query:

SELECT * FROM `def_questions` where `question` LIKE '%What is your Name%'

score 0 · Answer 4 · answered May 03 '18 at 07:35

0

If You want exact result, you can use = instead of LIKE

$question = "What is your Name";
$query = "SELECT * FROM `def_questions` where `question` = '$question'"

answered May 03 '18 at 07:35

Peerbits - Backend Team

167
9

How to search whole sentence form mysql database?

4 Answers4