Character strings starting with % may get modified

[ColinM]

  Solved I am writing a MySQL request to search for data that contains a user selected string. For example I need to seach for names containing the string
caw   This means using a MySQL statement with a clause of LIKE '%caw%' as the % symbol is the MySQL wild string.

The string supplied by the user is contained in php variable $srch.  So I have php code in the Before Submit like the following

Code:

$tmp = '%'.$srch.'%';  // and variations such as $tmp = "%$srch%" ; and even an explicit $tmp = '%caw';
$extrasql = " $andor `$column` LIKE '$tmp' ";  // standard code if not empty

If the contents of $srch are say 'will'  then all is well and we get a result in $extrasql as say
AND `name` LIKE '%will%' and all works well

but if for example $srch has 'caw' then we get AND `name`LIKE 'Êw%'  That is %ca has become Ê (Uppercase E circumflex)
For refererence in utf-8 and ISO 8859-1 the code for character Ê is CA

It would appear that a leading % is like an escape to treat next two characters as a Hex code, iff a valid hex code exists otherwise leave as it is.

I have tried this in non FF php code and no translation occurs.
How do I get around this as I need to include the leading % character.
Help!

Colin

[fvds]

You can change your sql statement to "WHERE `name` LIKE '%$search%'"....
In other words, put the "%" wildcard inside the statement instead of inside the variable....

[ColinM]

Hi
Thanks for input but reget it gave same effect. When search field was will then generated
`parent_surname` LIKE \'%will%\' ORDER BY `date` asc LIMIT 0,24
but when search field was caw it gave
`parent_surname` LIKE \'Êw%\' ORDER BY `date` asc LIMIT 0,24
My restore variable I use to reload the form variables was
 Restore=0,1,1,1813,31,12,1850,parent_surname,caw,,,,,,,,,,1,24,5,787,25-12-1841,322,22-11-1822
so I know that caw got there.

Tried numerous combinations including those shown below.  Also with $percent= '%';  and so on

Code:

$extrasql = " $andor `$column` LIKE '%$variable%' ";

 $extrasql = " $andor `$column` LIKE '%".$variable."%' ";

 $extrasql = ' $andor `$column` LIKE '."'%".$variable."%' ";

I will write a much abbreviated version to be as simple as possible so it is easy for someone to check out to see if I have done something stupid! It would be helpful to see if reproducible elsewhere.

[ColinM]

Hi
Still having trouble
Attached is a small one page form that shows the problem.  It would be most helpfull to establish if the fault appears on other setups

Thanks

Colin

[ColinM]

   Ther strange behaiour was finally tracked down to the use of
    header("Location: {mossite}/index2.php?op.......

The string was ok imediately before the use of header()in the before submit but was corrupted when received in the before piece.

Removed the leading % from the string before passing as a parameter in the header(....) command and
put following line in the before submit piece which inserts the  leading % It would seem % acts as an escape char in the header() command

$myquery = str_replace("LIKE '","LIKE '%",$myquery);

Revised code attached

[fvds]

You didn mention the string was for use in an URL! Use phpś  built-in urlencode() function to get rid of this behavoiour.
More info on http://nl2.php.net/manual/en/function.urlencode.php

[ColinM]

Hi Fred
Thanks for your input - I knew there had to be a more general solution.  When I started out I did not khow it was the url that did it.  Much wiser now! Have looked at your reference & will revise my code tomorrow as it is a bit late today.  Clearly good practice to urlencode() and urldecode() all argument strings.