The reason for using parameterized queries instead of either merging or appending is because of SQL injection.
On Wed, Jul 29, 2015 at 10:18 AM, PystCat <pyst...@gmail.com> wrote: > Why not just use merge...? > > Put "John" into tVal > Put merge("SELECT * FROM foo WHERE(bar LIKE %[[tVal]])") into pSQL > OR > put merge("SELECT * FROM foo WHERE(bar LIKE %[[tVal]]%)") into pSQL > > I do this for all of my queries and it works fine. > > Paul > > > > > > On Jul 29, 2015, at 9:45 AM, Mike Kerner <mikeker...@roadrunner.com> > wrote: > > > > If I was guessing, my hunch would be that including the single-quotes is > > going to make the db look for strings containing %:1%, instead of using > the > > wildcards and the parameter. > > > > On Wed, Jul 29, 2015 at 9:31 AM, Mike Kerner <mikeker...@roadrunner.com> > > wrote: > > > >> Nope. That doesn't work, Bob. That returns nothing. > >> > >> On Tue, Jul 28, 2015 at 7:23 PM, Bob Sneidar < > bobsnei...@iotecdigital.com> > >> wrote: > >> > >>> Should be LIKE ‘:1’ or for wild cards LIKE ‘%:1%’. > >>> > >>> If you are searching for a value at the beginning, LIKE ‘:1%’ or at the > >>> end, LIKE ‘%:1’ > >>> > >>> If searching for all, column LIKE ‘%:1%’ OR column LIKE ‘:1%’ OR column > >>> LIKE ‘%:1’ > >>> > >>> HTH > >>> > >>> Bob S > >>> > >>> > >>>> On Jul 28, 2015, at 08:16 , Mike Kerner <mikeker...@roadrunner.com> > >>> wrote: > >>>> > >>>> Has anybody built any queries that use both parameters and wildcards, > >>> e.g. > >>>> in a LIKE statement? > >>>> > >>>> SELECT * FROM foo WHERE bar LIKE %:1% > >>>> > >>>> I've tried the above (error), I've tried '%':1'%' (error), and I've > >>> tried > >>>> appending the % to the container I'm passing as my :1 (doesn't work). > >>>> > >>>> I really don't want to do this the unsafe way. > >>>> -- > >>>> On the first day, God created the heavens and the Earth > >>>> On the second day, God created the oceans. > >>>> On the third day, God put the animals on hold for a few hours, > >>>> and did a little diving. > >>>> And God said, "This is good." > >>>> _______________________________________________ > >>>> use-livecode mailing list > >>>> use-livecode@lists.runrev.com > >>>> Please visit this url to subscribe, unsubscribe and manage your > >>> subscription preferences: > >>>> http://lists.runrev.com/mailman/listinfo/use-livecode > >>> > >>> _______________________________________________ > >>> use-livecode mailing list > >>> use-livecode@lists.runrev.com > >>> Please visit this url to subscribe, unsubscribe and manage your > >>> subscription preferences: > >>> http://lists.runrev.com/mailman/listinfo/use-livecode > >>> > >> > >> > >> > >> -- > >> On the first day, God created the heavens and the Earth > >> On the second day, God created the oceans. > >> On the third day, God put the animals on hold for a few hours, > >> and did a little diving. > >> And God said, "This is good." > >> > > > > > > > > -- > > On the first day, God created the heavens and the Earth > > On the second day, God created the oceans. > > On the third day, God put the animals on hold for a few hours, > > and did a little diving. > > And God said, "This is good." > > _______________________________________________ > > use-livecode mailing list > > use-livecode@lists.runrev.com > > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > > http://lists.runrev.com/mailman/listinfo/use-livecode > > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your > subscription preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode > -- On the first day, God created the heavens and the Earth On the second day, God created the oceans. On the third day, God put the animals on hold for a few hours, and did a little diving. And God said, "This is good." _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode