How can I escape complex sql in Zend Framework?

php zend-framework zend-db-table
Itay Moav -Malimovka picture Itay Moav -Malimovka · Apr 12, 2009 · Viewed 14.3k times · Source

I have the following sql (a simplification of the real problem):

SELECT *
FROM t
WHERE myname LIKE '%{$input}%';

How do I escape the $input?
I can't use the quoteInto (unless I miss something).
As

$sql=$DB->quoteInto("SELECT *
                     FROM t
                     WHERE myname LIKE '%?%'",$input);

Will give me 

SELECT *
FROM t
WHERE myname LIKE '%'my input'%';

and

$sql=$DB->quoteInto("SELECT *
                     FROM t
                     WHERE myname LIKE ?",'%'.$input.'%');

Will give me something on the lines:

SELECT *
FROM t
WHERE myname LIKE '\%my input\%';

Answer

Akeem picture Akeem · Apr 12, 2009

The last option is works out well for me i've not experienced it escaping '%'. So $db->quote('%'.$_GET['query'].'%') outputs %queryvalue%

Related questions

How to make PDO run SET NAMES utf8 each time I connect, In ZendFramework

How to make PDO adapter run SET NAMES utf8 each time I connect, In ZendFramework. I am using an INI file to save the adapter config data. what entries should I add there? If it wasn't clear, I am looking …

Read More
How do I add more than one row with Zend_Db?

I have an array with information which looks more or less like this: $data[] = array('content'=>'asd'); $data[] = array('content'=>'asdf'); And I want to add both entries into the Database. $db->insert('table', $data); does not …

Read More
Zend Framework: How to retrieve the id of the last inserted row?

I'm inserting a new row into my database with this code: $data = array( 'key' => 'value' ); $this->getDbTable()->insert($data); How can I get the row id of the this row that I just created?

Read More