This is exactly what db_placeholders() is for. It takes an array and builds the correct number of %s fields (or %d depending on the type parameter) for inserting into your IN clause.
 

Nancy

 

Injustice anywhere is a threat to justice everywhere. -- Dr. Martin L. King, Jr.




From: Austin Einter <austin.einter@gmail.com>
To: support@drupal.org
Sent: Sun, April 10, 2011 8:55:16 PM
Subject: [support] Place holders in SQL query

1.
When we do a SQL query, if we want to pass a value to the query, we make use of %d for integers or %s for strings.
Similarly, do we have any placeholders for arrays?
 
 
2.
I am facing the typical problem below; can somebody tell me what I should do?

The query below works fine.
SELECT skillid FROM {resubmt_skills}  WHERE resubmt_skills.skillname IN ('PHP', 'HTML', 'SQL')  
 
But in the above query the search string 'PHP', 'HTML', 'SQL' is hard-coded.
I want to make the query generic.

Let's say in a custom search form, the user entered the search string PHP, Telecom, HTML,, so how can I write a generic query?
 
Thanks
Austin
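
The approach from the reply above, written out as an added example (not code from either poster or from Drupal itself) for a Drupal 6 custom module. The function name resubmt_skill_ids_for() is hypothetical, the table and column names come from the query in the question, and the code assumes it runs inside a bootstrapped Drupal 6 site where db_placeholders(), db_query() and db_fetch_object() are available.

```php
<?php
/**
 * Added example: look up skill ids for a comma-separated search string.
 * The function name is hypothetical; table and column names are taken
 * from the query in the question.
 */
function resubmt_skill_ids_for($search_string) {
  // Split the raw form value on commas, trim whitespace and drop empty
  // entries, such as the ones a trailing ",," would produce.
  $names = array();
  foreach (explode(',', $search_string) as $name) {
    $name = trim($name);
    if ($name !== '') {
      $names[] = $name;
    }
  }
  $names = array_values(array_unique($names));

  // With no values left the query would contain "IN ()", which is not
  // valid SQL, so return early instead of querying.
  if (empty($names)) {
    return array();
  }

  // One placeholder per value. With the 'varchar' type this yields
  // quoted string placeholders, e.g. '%s','%s','%s' for three names.
  $placeholders = db_placeholders($names, 'varchar');

  // Only the placeholder list is interpolated into the SQL text. The
  // user-supplied values are passed as arguments, so db_query() escapes
  // each one before substituting it.
  $result = db_query(
    "SELECT skillid FROM {resubmt_skills} WHERE skillname IN ($placeholders)",
    $names
  );

  $ids = array();
  while ($row = db_fetch_object($result)) {
    $ids[] = (int) $row->skillid;
  }
  return $ids;
}
```

Calling resubmt_skill_ids_for('PHP, Telecom, HTML,,') queries for the three names PHP, Telecom and HTML; the user input never becomes part of the SQL text itself.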