Combine PHP prepared statments with LIKE

Question

Anyone know how to combine PHP prepared statements with LIKE? i.e.

\"SELECT * FROM table WHERE name LIKE %?%\";

Answer 1

The % signs need to go in the variable that you assign to the parameter, instead of in the query.

I don't know if you're using mysqli or PDO, but with PDO it would be something like:

$st = $db->prepare("SELECT * FROM table WHERE name LIKE ?");
$st->execute(array('%'.$test_string.'%'));

EDIT :: For mysqli user the following.

$test_string = '%' . $test_string . '%';
$st->bind_param('s', $test_string);
$st->execute();