Hi, I need a little help on my SQL syntax.
I want to store forbidden inputs from the GUI in a table and query it on input from the user; simple layout: CREATE TABLE `forbidden_input` (`lfdnr` TINYINT (3) UNSIGNED DEFAULT '0' AUTO_INCREMENT, `input` VARCHAR (255) NOT NULL, PRIMARY KEY(`lfdnr`), UNIQUE(`input`)); Content is something like this: 1,'+' 2,'^' 3,'>' 4,'<' 5,'(' 6,')' 7,'~' 8,'&' 9,'%' The Query shall be something like (Where 'Hello Wor&ld' will later be substituted with the user's input by PHP.): SELECT `input` FROM lok_forbidden_input WHERE 'Hello Wor&ld' like '%\&%'; I get a strange behavior here, which I can't explain myself: I get either no results or all results. More bad: I originally wanted to compare the table content agains the user's input. So the query should rather look like this: SELECT `input` FROM lok_forbidden_input WHERE 'Ha%llo Welt' like '%\'+`input`+'%'; But here I get a problem with the backslash with should mask out something like '%' in table's row number 9. Where am i wrong here? Thanks for any help Maik -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]