How to correctly add a placeholder to a query?

Hello friends,

I have a search query that uses a URL param.

I would like to insert this param into the query via a placeholder, as this would be far more secure.

The way I am trying to do it is via the following:

$query->condition('a.dbl_title', '%' . ":search_term" . '%', 'LIKE', [':search_term' => $search_term]);

But this is not working and it looks like ‘:search_term’ is just blank.

How would I go about correctly assigning ‘:search_term’ to my variable $search_term?

Also, are there any other precautions I need to take with regard to sanitizing $search_term?

Kind regards,

Matt
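
Added example, not part of the original post: a standalone PDO/SQLite sketch of what happens to a LIKE value that is bound as a query parameter, which is how Drupal's query builder treats the value passed to `condition()` (the method takes field, value and operator, so the fourth argument in the call above is not used). The table, its rows and the function names are constructed; `escape_like()` mirrors Drupal's `Connection::escapeLike()` (`db_like()` in Drupal 7).

```php
<?php
// Added example: table, rows and function names are constructed for illustration.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE docs (dbl_title TEXT)');
$insert = $pdo->prepare('INSERT INTO docs (dbl_title) VALUES (?)');
foreach (['Annual report', '100% cotton', 'note :search_term here', 'under_score'] as $title) {
  $insert->execute([$title]);
}

// Same escaping Drupal's Connection::escapeLike() applies: backslash-escape
// the LIKE wildcards % and _ and the backslash itself, so user input cannot
// widen the match.
function escape_like(string $term): string {
  return addcslashes($term, '\\%_');
}

// The whole pattern is ONE bound value. The SQL text only ever contains the
// placeholder, never user input, so the value cannot change the statement.
function search_titles(PDO $pdo, string $pattern): array {
  $stmt = $pdo->prepare(
    "SELECT dbl_title FROM docs WHERE dbl_title LIKE :pattern ESCAPE '\\'"
  );
  $stmt->execute([':pattern' => $pattern]);
  return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$search_term = '%';  // constructed input: the user typed a bare wildcard

// 1. The value from the post: ':search_term' inside a bound value is plain
//    text, not a placeholder, so the search looks for that literal string.
$as_posted = search_titles($pdo, '%' . ':search_term' . '%');

// 2. User input concatenated without escaping: safe from injection because
//    it is bound, but its wildcard still changes what the pattern matches.
$unescaped = search_titles($pdo, '%' . $search_term . '%');

// 3. User input escaped first: wildcards in it are matched literally.
$escaped = search_titles($pdo, '%' . escape_like($search_term) . '%');

var_dump($as_posted, $unescaped, $escaped);
```

The equivalent Drupal call is `$query->condition('a.dbl_title', '%' . $connection->escapeLike($search_term) . '%', 'LIKE');`, where `$connection` is the database connection the query was built from.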

Source: https://www.drupal.org/taxonomy/term/4/feed