feat(database/gdb): Enhanced support for automatic escaping of special characters in the WhereLike method.

Signed-off-by: yuluo-yx <yuluo08290126@gmail.com>

Author: yuluo-yx

database/gdb/gdb_func.go

@@ -1015,3 +1015,25 @@ func genTableNamesCacheKey(group string) string {
 func genSoftTimeFieldNameTypeCacheKey(schema, table string, candidateFields []string) string {
 	return fmt.Sprintf(`getSoftFieldNameAndType:%s#%s#%s`, schema, table, strings.Join(candidateFields, "_"))
 }
+
+// EscapeLikeString escapes special characters in a string for LIKE operations.
+// It escapes '\', '%', and '_' characters to prevent them from being interpreted
+// as wildcard characters in SQL LIKE statements.
+//
+// The function follows standard SQL escaping rules:
+// - '\' becomes '\\'
+// - '%' becomes '\%'
+// - '_' becomes '\_'
+//
+// Example:
+//
+//	EscapeLikeString("john_doe%test\\data") returns "john\\_doe\\%test\\\\data"
+func EscapeLikeString(s string) string {
+	// Escape backslashes first to prevent double escaping
+	s = strings.ReplaceAll(s, "\\", "\\\\")
+	// Escape percent signs
+	s = strings.ReplaceAll(s, "%", "\\%")
+	// Escape underscores
+	s = strings.ReplaceAll(s, "_", "\\_")
+	return s
+}

database/gdb/gdb_model_builder_where.go

@@ -10,6 +10,7 @@ import (
 	"fmt"
 
 	"github.com/gogf/gf/v2/text/gstr"
+	"github.com/gogf/gf/v2/util/gconv"
 )
 
 // doWhereType sets the condition statement for the model. The parameter `where` can be type of
@@ -114,7 +115,7 @@ func (b *WhereBuilder) WhereBetween(column string, min, max any) *WhereBuilder {
 
 // WhereLike builds `column LIKE like` statement.
 func (b *WhereBuilder) WhereLike(column string, like string) *WhereBuilder {
-	return b.Wheref(`%s LIKE ?`, b.model.QuoteWord(column), like)
+	return b.Wheref(`%s LIKE ?`, b.model.QuoteWord(column), EscapeLikeString(like))
 }
 
 // WhereIn builds `column IN (in)` statement.
@@ -138,7 +139,8 @@ func (b *WhereBuilder) WhereNotBetween(column string, min, max any) *WhereBuilde
 
 // WhereNotLike builds `column NOT LIKE like` statement.
 func (b *WhereBuilder) WhereNotLike(column string, like any) *WhereBuilder {
-	return b.Wheref(`%s NOT LIKE ?`, b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.Wheref(`%s NOT LIKE ?`, b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WhereNot builds `column != value` statement.

database/gdb/gdb_model_builder_where_prefix.go

@@ -6,6 +6,8 @@
 
 package gdb
 
+import "github.com/gogf/gf/v2/util/gconv"
+
 // WherePrefix performs as Where, but it adds prefix to each field in where statement.
 // Eg:
 // WherePrefix("order", "status", "paid")                        => WHERE `order`.`status`='paid'
@@ -54,7 +56,8 @@ func (b *WhereBuilder) WherePrefixBetween(prefix string, column string, min, max
 
 // WherePrefixLike builds `prefix.column LIKE like` statement.
 func (b *WhereBuilder) WherePrefixLike(prefix string, column string, like any) *WhereBuilder {
-	return b.Wheref(`%s.%s LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.Wheref(`%s.%s LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WherePrefixIn builds `prefix.column IN (in)` statement.
@@ -78,7 +81,8 @@ func (b *WhereBuilder) WherePrefixNotBetween(prefix string, column string, min,
 
 // WherePrefixNotLike builds `prefix.column NOT LIKE like` statement.
 func (b *WhereBuilder) WherePrefixNotLike(prefix string, column string, like any) *WhereBuilder {
-	return b.Wheref(`%s.%s NOT LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.Wheref(`%s.%s NOT LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WherePrefixNot builds `prefix.column != value` statement.

database/gdb/gdb_model_builder_whereor.go

@@ -10,6 +10,7 @@ import (
 	"fmt"
 
 	"github.com/gogf/gf/v2/text/gstr"
+	"github.com/gogf/gf/v2/util/gconv"
 )
 
 // WhereOr adds "OR" condition to the where statement.
@@ -83,7 +84,8 @@ func (b *WhereBuilder) WhereOrBetween(column string, min, max any) *WhereBuilder
 
 // WhereOrLike builds `column LIKE 'like'` statement in `OR` conditions.
 func (b *WhereBuilder) WhereOrLike(column string, like any) *WhereBuilder {
-	return b.WhereOrf(`%s LIKE ?`, b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.WhereOrf(`%s LIKE ?`, b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WhereOrIn builds `column IN (in)` statement in `OR` conditions.
@@ -107,7 +109,8 @@ func (b *WhereBuilder) WhereOrNotBetween(column string, min, max any) *WhereBuil
 
 // WhereOrNotLike builds `column NOT LIKE like` statement in `OR` conditions.
 func (b *WhereBuilder) WhereOrNotLike(column string, like any) *WhereBuilder {
-	return b.WhereOrf(`%s NOT LIKE ?`, b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.WhereOrf(`%s NOT LIKE ?`, b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WhereOrNotIn builds `column NOT IN (in)` statement.

database/gdb/gdb_model_builder_whereor_prefix.go

@@ -6,6 +6,8 @@
 
 package gdb
 
+import "github.com/gogf/gf/v2/util/gconv"
+
 // WhereOrPrefix performs as WhereOr, but it adds prefix to each field in where statement.
 // Eg:
 // WhereOrPrefix("order", "status", "paid")                        => WHERE xxx OR (`order`.`status`='paid')
@@ -56,7 +58,8 @@ func (b *WhereBuilder) WhereOrPrefixBetween(prefix string, column string, min, m
 
 // WhereOrPrefixLike builds `prefix.column LIKE 'like'` statement in `OR` conditions.
 func (b *WhereBuilder) WhereOrPrefixLike(prefix string, column string, like any) *WhereBuilder {
-	return b.WhereOrf(`%s.%s LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.WhereOrf(`%s.%s LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WhereOrPrefixIn builds `prefix.column IN (in)` statement in `OR` conditions.
@@ -80,7 +83,8 @@ func (b *WhereBuilder) WhereOrPrefixNotBetween(prefix string, column string, min
 
 // WhereOrPrefixNotLike builds `prefix.column NOT LIKE 'like'` statement in `OR` conditions.
 func (b *WhereBuilder) WhereOrPrefixNotLike(prefix string, column string, like any) *WhereBuilder {
-	return b.WhereOrf(`%s.%s NOT LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), like)
+	likeStr := gconv.String(like)
+	return b.WhereOrf(`%s.%s NOT LIKE ?`, b.model.QuoteWord(prefix), b.model.QuoteWord(column), EscapeLikeString(likeStr))
 }
 
 // WhereOrPrefixNotIn builds `prefix.column NOT IN (in)` statement.