Home/ Questions/Q 4050412
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-20T14:03:59+00:00

In some PHP code, I have an mysql_real_escape_string()’d term, like foo\’s . I search

  • 0

In some PHP code, I have an mysql_real_escape_string()’d term, like foo\'s. I search that in my database (where it is also stored as foo\'s) like so:

mysql_query("SELECT * FROM coupons WHERE retailerName LIKE '%" . $searchTerm . "%'");

The query should look like this without variables:

SELECT * FROM coupons WHERE retailerName LIKE '%foo\'s%'

If I search f, fo, or foo, then the search works. But if I search foo's then the search doesn’t work (keep in mind that the actual query takes an escaped string, so everything should match up).

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Perhaps the interface from you program to mysql (JDBC or similar) is adding extra escape characters to your string. If the same mechanism is not what put the data into the database, try doing an insert to see how the data gets stored.

    Mysql can handle the query through it’s own interface

    mysql> describe test_table;
+-------+-------------+------+-----+---------+-------+
| Field | Type        | Null | Key | Default | Extra |
+-------+-------------+------+-----+---------+-------+
| col1  | varchar(20) | YES  |     | NULL    |       |
| col2  | varchar(20) | YES  |     | NULL    |       |
+-------+-------------+------+-----+---------+-------+
2 rows in set (0.01 sec)

mysql> insert into test_table (col1, col2) values ('col1value', 'foo\'s');
Query OK, 1 row affected (0.04 sec)

mysql> select * from test_table where col2 like '%foo\'s%';
+-----------+-------+
| col1      | col2  |
+-----------+-------+
| col1value | foo's |
+-----------+-------+
1 row in set (0.00 sec)
    • 0