I want to search a word from the database with single quote like a word can't and if I search a word like cant without single quote, can't still be displayed.
<?php
// Attempt search query execution
try{
if(isset($_REQUEST['term'])){
// create prepared statement
$sql = "SELECT * FROM countries WHERE name LIKE :term";
$stmt = $pdo->prepare($sql);
$term = '%' . $_REQUEST['term'] . '%';
// bind parameters to statement
$stmt->bindParam(':term', $term);
// execute the prepared statement
$stmt->execute();
//fetch the data if there is a name and else no matches found
if($stmt->rowCount() > 0){
while($row = $stmt->fetch()){
echo "<p>" . $row['name'] . "</p>";
}
} else{
echo "<p>No matches found</p>";
}
}
} catch(PDOException $e){
die("ERROR: Could not able to execute $sql. " . $e->getMessage());
}
// Close statement
unset($stmt);
// Close connection
unset($pdo);
?>
You can replace all unwanted characters like this:
REPLACE(name, '#','')
In your case that would be:
SELECT * FROM countries WHERE REPLACE(name, '\'','') LIKE :term
If you want more special chars to be deleted you need to do it like this:
SELECT * FROM countries WHERE REPLACE(REPLACE(name, '\'',''), '*', '') LIKE :term
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.