dongza6247 2014-09-26 00:24
浏览 67
已采纳

Postgres,查询错误

I do one query and I have syntax error. But for me I do all right.

Where I have error?

Thanks!

$str = "Moscow";
$data = $ci->crud_model->query(
    'select * from "Cities" where  "defaultName" ilike  %'.$str.'%'
);

Query is : select * from "Cities" where "defaultName" ilike %Moscow%

  • 写回答

3条回答 默认 最新

  • douzhanyan5015 2014-09-26 00:53
    关注

    The LIKE/ILIKE operator takes two strings as its arguments. That is, the pattern has to be a quoted string, not just directly in the SQL query.

    So instead of:

    "defaultName" ilike %Moscow%
    

    You need:

    "defaultName" ilike '%Moscow%'
    

    In PHP, you should be (at the very least) escaping the input to avoid SQL Injection. Probably CodeIgniter has facilities for escaping, or using parameterised queries, but at the very least you should do this:

    $str = "Moscow";
    $data = $ci->crud_model->query(
        'select * from "Cities" where  "defaultName" ilike  \'%'.pg_escape_string($str).'%\''
    );
    

    EDIT Per Craig Ringer's comment, the correct ways to escape or build safe queries with CodeIgniter are covered in this answer.

    This is probably the simplest (note that the query parameter is automatically a string, and doesn't need extra quotes):

    $str = "Moscow";
    $data = $ci->crud_model->query(
        'select * from "Cities" where  "defaultName" ilike ?',
        array('%' . $str . '%')
    );
    
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(2条)
编辑
预览

报告相同问题?

悬赏问题

  • ¥15 距离软磁铁一定距离的磁感应强度大小怎么求
  • ¥15 霍尔传感器hmc5883l的xyz轴输出和该点的磁感应强度大小的关系是什么
  • ¥15 vscode开发micropython,import模块出现异常
  • ¥20 Excel数据自动录入表单并提交
  • ¥30 silcavo仿真,30分钟,只需要代码
  • ¥15 FastReport 怎么实现打印后马上关闭打印预览窗口
  • ¥15 利用3支股票数据估计其均值和方差的95%置信区间。
  • ¥15 微信小程序运行一项功能时,弹出未知错误弹框,检查代码没有问题
  • ¥15 ATAC测序生成self-pseudo replicates之前是否要进行去线粒体reads
  • ¥15 python模糊字匹配函数问题
手机看
程序员都在用的中文IT技术交流社区

程序员都在用的中文IT技术交流社区

专业的中文 IT 技术社区,与千万技术人共成长

专业的中文 IT 技术社区,与千万技术人共成长

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

关注【CSDN】视频号,行业资讯、技术分享精彩不断,直播好礼送不停!

客服 返回
顶部