Can I run a sql LIKE query with two parameters? (pdo prepared statement)

Question

I encountered a very strange problem. I need a LIKE query with two parameters, called via AJAX, but I need to prepare it. Even tough I'm sure all the parameters are correct it gives me this error: SQLSTATE[HY093]: Invalid parameter number

Here is the code:

 if ($mode == "async") {
    $utente = $_GET['utente'];
    $numero = $_GET['utente'];
  
    try {

        $clienti = $connessione->prepare("SELECT * FROM clienti WHERE clienti.nome_cliente LIKE '%?%' OR clienti.numero_tel LIKE '%?%' GROUP BY clienti.nome_cliente");
     
       $clienti->bindParam(1, $utente, PDO::PARAM_STR);
       $clienti->bindParam(2, $numero, PDO::PARAM_STR);
       $clienti->execute();
        $clientiEffettivi = $clienti->fetchAll();

        echo json_encode($clientiEffettivi);

        $conta = count($clientiEffettivi);

    } catch (PDOException $e) {
        echo $e->getMessage();
        die();
    }
}

Basically I have the same value for $utente and $numero because I want the user be able to search in the text field (with name = "utente") the name of the customer or his phone number.

P.S.

Don't mind about the not declared variable ($mode), I have a function who creates these variable variables in another file. I'm sure that $utente and $numero successfully get their values from the $_GET array.

Thank you all.

Don't quote the placeholders. Append the wildcards on to the value being bound. Either `clienti.nome_cliente LIKE ? OR clienti.numero_tel LIKE ?` or `clienti.nome_cliente LIKE concat('%' , ?, '%') OR clienti.numero_tel LIKE concat('%', ?, '%')` — user3783243, Feb 24 '22 at 17:04

Can I run a sql LIKE query with two parameters? (pdo prepared statement)

0 Answers0