Use of LIKE ‘%%%s%%’

  • Hi,

    At the moment your plugin uses 2 instances of "%%%s%%", e.g.

    $wpdb->prepare(' […] WHERE CONCAT(domain, path) LIKE "%%%s%%" […] ', $search

    While this is fine at the moment, it is an undocumented “feature” that should be removed in the future.

    The wpdb::prepare() documentation notes that percentage wildcards cannot be inserted directly into the SQL, and instead the complete LIKE string should be provided via the arguments, e.g.

    $search_like = '%' . $wpdb->esc_like( $search ) . '%';

$wpdb->prepare(' […] WHERE CONCAT(domain, path) LIKE %s […] ', $search_like )

    It’s undocumented because the "%%" should only provide a single literal percentage sign, and not cause the following "%s" to be unquoted.

  • The topic ‘Use of LIKE ‘%%%s%%’’ is closed to new replies.