From a91a348f2d205026ac726850c969e4da15061aa9 Mon Sep 17 00:00:00 2001
From: Graham Campbell
Date: Thu, 5 Oct 2023 11:21:47 +0100
Subject: [PATCH] Fix broken LIKE escaping (#898)

* Fix broken LIKE escaping
---
 src/Filters/FiltersPartial.php | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/Filters/FiltersPartial.php b/src/Filters/FiltersPartial.php
index 4aad8560..e0106549 100644
--- a/src/Filters/FiltersPartial.php
+++ b/src/Filters/FiltersPartial.php
@@ -44,11 +44,20 @@ public function __invoke(Builder $query, $value, string $property)
 
 protected function getWhereRawParameters($value, string $property): array
 {
- $value = mb_strtolower($value, 'UTF8');
+ $value = mb_strtolower((string) $value, 'UTF8');
 
 return [
 "LOWER({$property}) LIKE ?",
- ["%{$value}%"],
+ ['%'.self::escapeLike($value).'%'],
 ];
 }
+
+ private static function escapeLike(string $value): string
+ {
+ return str_replace(
+ ['\\', '_', '%'],
+ ['\\\\', '\\_', '\\%'],
+ $value,
+ );
+ }
 }
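Review bot: The backslash escaping in `escapeLike()` only takes effect where backslash is the engine's LIKE escape character, and the fragment `"LOWER({$property}) LIKE ?"` in `getWhereRawParameters()` never declares one. MySQL and PostgreSQL default to backslash, but SQLite and SQL Server define no default escape character, so on those drivers `\%` and `\_` remain live wildcards preceded by a literal backslash: literal `%`/`_` input no longer matches, and user-supplied wildcards are still not neutralised. Consider appending an explicit clause on those drivers, e.g. `"LOWER({$property}) LIKE ? ESCAPE '\'"`, selected per connection driver because engines differ in how they parse a backslash inside a string literal. A test that filters on values containing `%`, `_` and `\` against each supported driver would pin the behaviour down.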