1

I am Querying a Database where all values are stored as VARs I am trying to do a results query based on a String Variable.

here is my query

$searchQueryString = strval($searchQuery);
        $searchQueryFinal = "%$searchQueryString%";
        echo $searchQueryString;
            $SearchQuerySQL = "SELECT * FROM PurchaseHistory WHERE MainTicketNumbers LIKE ? ";
            $SearchQuerySTMT = $conn->prepare($SearchQuerySQL);
            $SearchQuerySTMT->execute([$searchQueryFinal]);

My challenge is that when i supply a numeric value to the SQL statement it returns no results. I added the strval line to try to convert the search to a string rather then an integer. Any Idea's

matthew parisi
  • 29
  • 2
  • What's a "`VAR`"? You mean the `varchar` data type? If yes than as a side note, you should probably revision your database design. `varchar` isn't a one size fits all type. Use an appropriate type for all columns. – sticky bit Jan 05 '22 at 19:46
  • Besides that, your question is unclear. [Edit] the question and provide a [example], i.e. the `CREATE` statements of the tables or other objects involved (paste the **text**, don't use images, don't link to external sites), `INSERT` statements for sample data (dito) and the desired result with that sample data in tabular text format with different sample values for `$searchQuery`. – sticky bit Jan 05 '22 at 19:47
  • When you provide precise value as a parameter then LIKE acts as common `=`. You must provide a pattern which contains wildcard character(s). – Akina Jan 05 '22 at 19:47
  • @Akina I thought that at first as well but the wildcards are wrapping within the variable. – Martin Jan 05 '22 at 19:52
  • @Martin *are you sure* that "Prepared Statement is removing your wildcards"? Or, are you sure that Prepared Statement is removing *anything* for that matter? – Your Common Sense Jan 06 '22 at 08:13
  • 1
    @YourCommonSense in the cold light of morning, no, that's probably incorrect. – Martin Jan 06 '22 at 10:36

0 Answers0