Doubt with query LIKE

0

I developed a function that searches the database for a client by ID:

function buscaId ($id,$conexao){
    $resultados= array();
    $query= "select * from cliente where id like '$id%' ";
    $resultado= mysqli_query($conexao,$query);
    while ($resultado_cliente = mysqli_fetch_assoc($resultado)) {
            array_push($resultados, $resultado_cliente);



        }

            return $resultados;
    }

However, when I type "%%" ou "VAZIO " into "Search", it brings all the clients of the bank.

How do I disable this? The bank will have 7,000 lines.

    
asked by anonymous 01.02.2018 / 12:54

1 answer

0

You can use the php PDO. It is safer and has a greater abstraction. What's more, you do not need the loop because the query only returns a record. Here's an example.

    function buscaId ($conexao, $id)
    {
        $resultados= array();
        $query= "select * from users where id = ?";        
        $stmt = $conexao->prepare($query);
        $stmt->bindParam(1, $id, PDO::PARAM_INT);
        $stmt->execute();

        $rows = $stmt->fetch();

        return $rows;
    }

   $resultado = buscaId($conexao, 1);
   echo 'Id: '.$resultado['id'].' - Nome:' .$resultado['name'] ;
    
01.02.2018 / 14:16