Getting Started with a Database

Trevor DeVore lists at mangomultimedia.com
Thu Feb 16 10:19:50 CST 2006


On Feb 16, 2006, at 4:53 AM, David Burgun wrote:
>>   put "SELECT * FROM myobjects WHERE Name LIKE '%" & tSearchString  
>> & "%'" into tSQL

David,

One addition to the above code.  You will want to escape the search  
string in case someone enters a character like "'".  So change it to:

put libdb_escape("mysql", tSearchString) into tSearchString
put "SELECT * FROM myobjects WHERE Name LIKE '%" & tSearchString &  
"%'" into tSQL


-- 
Trevor DeVore
Blue Mango Multimedia
trevor at mangomultimedia.com





More information about the use-livecode mailing list