How to search for slash (\) in MySQL? and why escaping (\) not required for where (=) but for Like is required?

PhpMysqlSqlEscaping

Php Problem Overview


Consider this QUERY (DEMO IS HERE)

(SELECT * FROM `titles` where title = 'test\\')
UNION ALL
(SELECT * FROM `titles` where title LIKE 'test\\\\')

Output:

| ID | TITLE |
--------------
|  1 | test\ |
|  1 | test\ |

QUESTION:

Why no extra (\) required for (=) but for (like) additional \\ is required? Its clear that MySQL escaped the (test\) with (test\\) then using (test\\\\) is logical for LIKE.

Table information:

CREATE TABLE IF NOT EXISTS `titles` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `title` varchar(255) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=7 ;

--
-- Dumping data for table `titles`
--

INSERT INTO `titles` (`id`, `title`) VALUES
(1, 'test\\');

Php Solutions


Solution 1 - Php

\ functions as an escape character in LIKE by default.

From the manual for LIKE:

> Because MySQL uses C escape syntax in strings (for example, “\n” to represent a newline character), you must double any “\” that you use in LIKE strings. For example, to search for “\n”, specify it as “\\n”. To search for “\”, specify it as “\\\\”; this is because the backslashes are stripped once by the parser and again when the pattern match is made, leaving a single backslash to be matched against.

You can change this by specifying another escape character, as in:

SELECT * FROM `titles` WHERE title LIKE 'test\\' ESCAPE '|'

Solution 2 - Php

Actually, all previous answers have been mangled somewhere. As you can see in the link provided by Karoly Horvath, whose significant bit is reproduced by Explosion Pills, the correct way of searching for 1 backslash (\) is to use 4 backslashes at once (\\\\).

By the way, to show above that single backslash I had to use two at once and to show those four I had to use eight.

Solution 3 - Php

LIKE accepts two wildchar characters, % and _.

To be able to match these characters, escaping can be used: \%, \_. This also means that if you want to match \, it has to be escaped as well.

All this is documented in the manual.

Solution 4 - Php

For finding a \ within a text field I had to escape the \ twice, else the % at the end was found:

SELECT * FROM `table` where `field` LIKE '%\\\%';

Solution 5 - Php

If you wanted to remove the (') from the database column (Test's) and replace it with apostrophy(Test's) then you can use the following query.

SELECT replace(column_name, "\\'", "'") FROM table where column_name  LIKE "%\\\%";

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
Questionuser1646111View Question on Stackoverflow
Solution 1 - PhpExplosion PillsView Answer on Stackoverflow
Solution 2 - PhpaercolinoView Answer on Stackoverflow
Solution 3 - PhpKaroly HorvathView Answer on Stackoverflow
Solution 4 - PhpMemoView Answer on Stackoverflow
Solution 5 - PhpAnsar GondalView Answer on Stackoverflow