Topics

Using parameter in LIKE

Is it safe to pass a string directly into a like condition, or does it have to be quoted or parameterized somehow?

where(like(entries.text, `%${filters.search}%`))

where(like(entries.text, `%${filters.search}%`))

2 Replies

kangkang•11mo ago

It will be parameterized.

ciscoheatOP•11mo ago

Nice, thank you

The official Discord for all Drizzle related projects, such as Drizzle ORM, Drizzle Kit, Drizzle Studio and more!

10KMembers