On Mar 19, 2008, at 1:10 PM, Ken Bloom wrote: > On Tue, 18 Mar 2008 01:21:02 -0500, Rajat Garg wrote: >> Hi Guys, >> >> I am a newbie, so excuse me if this is a lame question - >> >> I am writing a query - >> Airport.find(:all, :conditions =>["owner_city_state_zip like '%?%'", >> _tempZip.zip]) >> >> Now, this gives an error - >> >> Mysql::Error: You have an error in your SQL syntax; check the manual >> that corresponds to your MySQL server version for the right syntax to >> use near '97103'%')' at line 1: SELECT * FROM airports WHERE >> (owner_city_state_zip like '%'97103'%') > > Yuck. That doesn't look like the right behavior. I would think that > the > quoted question mark should be passed as-is to the database, and not > substituted for a properly escaped string value. (So that the actual > pattern matched is '%?%') > > Any idea whether this can be fixed? > > -- > Ken (Chanoch) Bloom. PhD candidate. Linguistic Cognition Laboratory. > Department of Computer Science. Illinois Institute of Technology. > http://www.iit.edu/~kbloom1/ You should write this as: Airport.find(:all, :conditions =>["owner_city_state_zip like ?", "%#{_tempZip.zip}%"]) Or: Airport.find(:all, :conditions =>["owner_city_state_zip like ?", "%" + _tempZip.zip + "%"]) Each ? will be replaced with the value later in the array quoted as appropriate for its type. -Rob Rob Biedenharn http://agileconsultingllc.com Rob / AgileConsultingLLC.com