Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
$SQL = "SELECT * FROM `user_posts` WHERE (`post` LIKE '%@".$user."%')";
For instance, if my username is @Jake, it will show any post that has @Jake in it. But it will also do for instance, @Jake11, it will also show. How can I fix this?
You might consider using some sort of regular expression instead of
LIKE '%...%'.An example might be:
The
[[:>:]]matches on a right word boundary. As pointed out by Bill Karwin, there’s no need for a left-hand boundary pattern in this case as there is an implied word boundary at the@character. (Indeed, you can’t have a left-boundary to the left of a non-word character.)(I’m sure others will comment on your possible exposure to SQL injection attack too.)