function Connection::escapeLike

Same name in other branches
  1. 9 core/lib/Drupal/Core/Database/Connection.php \Drupal\Core\Database\Connection::escapeLike()
  2. 8.9.x core/lib/Drupal/Core/Database/Connection.php \Drupal\Core\Database\Connection::escapeLike()
  3. 10 core/lib/Drupal/Core/Database/Connection.php \Drupal\Core\Database\Connection::escapeLike()

Escapes characters that work as wildcard characters in a LIKE pattern.

The wildcard characters "%" and "_" as well as backslash are prefixed with a backslash. Use this to do a search for a verbatim string without any wildcard behavior.

For example, the following does a case-insensitive query for all rows whose name starts with $prefix:

$result = $injected_connection->query('SELECT * FROM person WHERE name LIKE :pattern', [
    ':pattern' => $injected_connection->escapeLike($prefix) . '%',
]);

Backslash is defined as escape character for LIKE patterns in Drupal\Core\Database\Query\Condition::mapConditionOperator().

Parameters

string $string: The string to escape.

Return value

string The escaped string.

File

core/lib/Drupal/Core/Database/Connection.php, line 1080

Class

Connection
Base Database API class.

Namespace

Drupal\Core\Database

Code

public function escapeLike($string) {
    return addcslashes($string, '\\%_');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.