You have to include the %signs in the $params, not in the query:

您必须在 中包含%符号，而$params不是在查询中：

$query = "SELECT * FROM tbl WHERE address LIKE ? OR address LIKE ?";
$params = array("%$var1%", "%$var2%");
$stmt = $handle->prepare($query);
$stmt->execute($params);

If you'd look at the generated query in your previous code, you'd see something like SELECT * FROM tbl WHERE address LIKE '%"foo"%' OR address LIKE '%"bar"%', because the prepared statement is quoting your values inside of an already quoted string.

如果您查看之前代码中生成的查询，您会看到类似 的内容SELECT * FROM tbl WHERE address LIKE '%"foo"%' OR address LIKE '%"bar"%'，因为准备好的语句在已引用的字符串中引用您的值。

No, you don't need to quote prepare placeholders. Also, include the % marks inside of your variables.

不，您不需要引用准备占位符。此外，在变量中包含 % 标记。

LIKE ?

And in the variable: %string%

在变量中： %string%

$query = "SELECT * FROM tbl WHERE address LIKE ? OR address LIKE ?";
$params = array("%$var1%", "%$var2%");
$stmt = $handle->prepare($query);
$stmt->execute($params);

Simply use the following:

只需使用以下内容：

$query = "SELECT * FROM tbl WHERE address LIKE CONCAT('%', :var1, '%')
            OR address LIKE CONCAT('%', :var2, '%')";

$ar_val = array(':var1'=>$var1, ':var2'=>$var2);
if($sqlprep->execute($ar_val)) { ... }

You can see below example

你可以看到下面的例子

$title = 'PHP%';
$author = 'Bobi%';
// query
$sql = "SELECT * FROM books WHERE title like ? AND author like ? ";
$q = $conn->prepare($sql);
$q->execute(array($title,$author));

Hope it will work.

希望它会起作用。