Node MySQL escape LIKE statement

Question

How do escape a MySQL LIKE statement in node-mysql?

Something along the lines of

\"SELECT * FROM card WHERE name LIKE \'%\" + connection.escape(req.b         


        

Answer 1

Not sure why it's escaping the % in your last example, because that works fine for me:

// lifted from my code:
var value = 'ee20e966289cd7';
connection.query('SELECT * from django_session where session_key like ?', '%' + value + '%', ...)

// Result:
[ { session_key: '713ee20e966289cd71b936084a1e613e', ... } ]

When I turn on debugging in the driver (pass debug:true as argument to mysql.createConnection), it doesn't escape the percent sign:

{ command: 3,
  sql: 'SELECT * from django_session where session_key like \'%ee20e966289cd7%\'' }

(it does escape the single quote, but that's for display purposes only)

(using mysql@2.0.0-alpha8)

Answer 2

i've had success with something like

"SELECT * FROM card WHERE name LIKE " + connection.escape('%'+req.body.search+'%')

Answer 3

How about

mysql.format("SELECT * FROM card WHERE name LIKE CONCAT('%', ?,  '%')", req.body.search)

?

Answer 4

you can always do

variable = '%${variable}%'
"SELECT * FROM 'table' WHERE ('foo' LIKE ?);", 
[variable], callback =>