jonseg/crud-admin-generator

Quote column names when constructing SELECT query

Closed this issue · 1 comments

I had a table with a field named 'order', which triggered a SQL syntax error. You should change:

$whereClause =  $whereClause . " " . $col . " LIKE '%". $searchValue ."%'";

to

$whereClause =  $whereClause . " '" . $col . "' LIKE '%". $searchValue ."%'";

Notice the extra quotation around $col

This is a duplicate of #91