On Mar 19, 2008, at 1:10 PM, Ken Bloom wrote:
> On Tue, 18 Mar 2008 01:21:02 -0500, Rajat Garg wrote:
>> Hi Guys,
>>
>> I am a newbie, so excuse me if this is a lame question -
>>
>> I am writing a query -
>> Airport.find(:all, :conditions =>["owner_city_state_zip like '%?%'",
>> _tempZip.zip])
>>
>> Now, this gives an error -
>>
>> Mysql::Error: You have an error in your SQL syntax; check the manual
>> that corresponds to your MySQL server version for the right syntax to
>> use near '97103'%')' at line 1: SELECT * FROM airports WHERE
>> (owner_city_state_zip like '%'97103'%')
>
> Yuck. That doesn't look like the right behavior. I would think that  
> the
> quoted question mark should be passed as-is to the database, and not
> substituted for a properly escaped string value. (So that the actual
> pattern matched is '%?%')
>
> Any idea whether this can be fixed?
>
> -- 
> Ken (Chanoch) Bloom. PhD candidate. Linguistic Cognition Laboratory.
> Department of Computer Science. Illinois Institute of Technology.
> http://www.iit.edu/~kbloom1/


You should write this as:

Airport.find(:all, :conditions =>["owner_city_state_zip like ?",
                                   "%#{_tempZip.zip}%"])
Or:

Airport.find(:all, :conditions =>["owner_city_state_zip like ?",
                                   "%" + _tempZip.zip + "%"])

Each ? will be replaced with the value later in the array quoted as  
appropriate for its type.

-Rob

Rob Biedenharn		http://agileconsultingllc.com
Rob / AgileConsultingLLC.com