Episode #22: PostGreSQL escape characters
Episode 22 — PostGreSQL escape characters — with Matteo Beccati
*Given:**That:* PDO uses %?% as prepared value place holder*And:* New SQL syntax uses %?% as an operator:
SELECT * FROM tbl WHERE json_col ? 'foo';
*Then:* We're in trouble
PHP 7.4 has an escape character to provide the solution:
$stmt = $pdo->prepare('SELECT \* FROM tbl WHERE json_col *??* ?');