2

I'm building an auto-complete plugin and I need to check all words that start with a certain term, for example, setting $one as follows will detect "list", "listener", "listening", etc.:

$one= "list%";

How do I append a wildcard (%) to my second example to achieve the same result?

$one= $_REQUEST['term'];  // lacks %
Mark Elliot
  • 75,278
  • 22
  • 140
  • 160
user455318
  • 3,280
  • 12
  • 41
  • 66
  • 3
    This question makes no sense sorry. Please modify your post so that it describes more of what you want to do and what the problem is. – Craig White Apr 14 '11 at 01:42
  • 1
    more details added to the question – user455318 Apr 14 '11 at 01:46
  • 3
    the first answer took 13 mim. perhaps the question seems more obvious now – user455318 Apr 14 '11 at 02:03
  • 4
    @Stephen: Please read the [FAQ](http://stackoverflow.com/faq) about the proper way to act towards others. Comments like this are not conducive to helping others, and don't follow the general spirit of this community. If it's too much trouble to be polite and try to help, maybe you need to just not comment. Thanks. – Ken White Apr 14 '11 at 02:41
  • @Ken White: I can't imagine any scenario where a question asking how to join two strings together helps the scenario. I can't even imagine a scenario where someone would know how to access an array member but not know how to join two strings together. – Stephen Apr 14 '11 at 03:24
  • @Stephen, it is really good for the community to have experts like you. Sorry if my question bother you, you can ignore it – user455318 Apr 14 '11 at 03:29
  • @Ken White: Please read the FAQ about "Questions that are extremely off topic, or of very low quality, may be removed.". – Stephen Apr 14 '11 at 08:49
  • @Stephen: Your comment (the one I originally mentioned) came to my attention because someone else flagged it as "noise, spam, or offensive", and I was reviewing those flagged posts. So I'm apparently not the only one who thought you were impolite (at least) or downright rude - you'll also note that the comment in question no longer appears here, so it was bad enough to be voted for deletion. Again, read the FAQ, and concern yourself with your own behavior first; when you think a question is bad, you can feel free to downvote it (if you have sufficient rep to do so). – Ken White Apr 14 '11 at 11:05

2 Answers2

5

After analyzing your riddle, I think this is what you want:

$one = $_REQUEST["term"] . "%";

This appends the % sql placeholder to that search term. (That's what I surmise here.)

mario
  • 144,265
  • 20
  • 237
  • 291
0

This is a pretty interesting method of creating an auto-complete form. In order for this not be a security nightmare consider few things:

SQL Injections:

The best way to protect your website from these types of attacks is to use PDO and prepared queries.

Form Validation and Sanitation:

Data from $_GET or $_POST should always be treated with care. You are passing variables from $_GET straight to database. This is very insecure. Imagine if instead of a name you got something like 'Mike;{InsertEvilCode}'.

Searching with Wildcards (%):

In general 'Wildcard' searches are pretty slow, so you want to keep the number of Wildcard symbols low.

Community
  • 1
  • 1
GEMI
  • 2,239
  • 3
  • 20
  • 28