[Zope] Something funny about SQL like?
Hannu Krosing
hannu@trust.ee
Tue, 03 Aug 1999 14:30:17 +0300
Martijn Pieters wrote:
>
> At 23:50 02/08/99 , Donald Holten wrote:
> > Well, I've tried escaping the '%', single quotes instead of
> > double quotes, sqlvar instead of var, and
> >none of those have worked. Here's the code again:
> >
> >select *
> > from Users
> > where <!--#var searchkey--> like "%<!--#var valuekey-->%"
> >order by <!--#var searchkey-->
...
> >SQL used:
> >
> >select *
> > from Users
> > where firstname like "%Donald%"
> >order by firstname
> >
> > Like I said, it looks to me like the SQL it's trying to use is
> > fine.
In SQL _double_ quotes are used for escaping column names that are case
sensitive
or contain non-alpha characters. For strings you should use single
quotes, so:
select *
from Users
where firstname like '%Donald%'
order by firstname
Should do what you want
---------
Hannu