Quote column names when constructing SELECT query
Closed this issue · 1 comments
ifigueroap commented
I had a table with a field named 'order', which triggered a SQL syntax error. You should change:
$whereClause = $whereClause . " " . $col . " LIKE '%". $searchValue ."%'";
to
$whereClause = $whereClause . " '" . $col . "' LIKE '%". $searchValue ."%'";
Notice the extra quotation around $col
ifigueroap commented
This is a duplicate of #91