4 years ago

How do you parameterize whereRaw() in the query builder?

Posted 4 years ago by ATOM-Group

I have this query:

$query = DB::table('clan_teams')
    ->select('', 'ibf_members.members_display_name')
    ->leftJoin('clans', 'clan_teams.clan_id', '=', '')
    ->leftJoin('ibf_members', 'clans.leader_id', '=', '')
    ->whereRaw("(CONCAT(,' ',ibf_members.members_display_name) like '%:search%')")

The purpose of the CONCAT statement at the bottom is to create a simple multi-faceted searchable string, but I need to parameterize the actual search string I use so that it's safe from SQL injection.

But I can't find any information on how to do this with the query builder. Do I have to do a completely raw query?

Please sign in or create an account to participate in this conversation.