Substring SQL Query Variable

Question

I am trying to query the Database for a sub-string, I am substituting a string variable from a form for the query. It is giving me a syntax error.

This is the error:

LINE 1: SELECT * FROM books WHERE title LIKE '%'sometext'%'
[SQL: SELECT * FROM books WHERE title LIKE '%%''%(form)s''%%']
[parameters: {'form': 'some'}]

This is the query:

books = db.execute("SELECT * FROM books WHERE title LIKE '%:form%'", {"form":form.search.data}).fetchall()

If I use an actual string in the SQL query it works. It is an issue with using a variable. Any assistance would be appreciated.

can't you add the `like` operators outside the SQL statement using `format`? i.e inside your params dictionary — gold_cy, Oct 15 '19 at 11:55
@aws_apprentice I could have built the string outside the query, got it to work with CONCAT — Pierre, Oct 15 '19 at 12:15

score 0 · Accepted Answer · answered Oct 15 '19 at 12:03

0

you could try using concat for avoid quote and windchar issue

books = db.execute("SELECT * 
      FROM books 
      WHERE title LIKE concat('%',:form, '%')" , 
     ........

answered Oct 15 '19 at 12:03

ScaisEdge

131,976
10
91
107

Substring SQL Query Variable

1 Answers1