Prevent EF from escaping wildcard character - entity-framework-4

I have something like this
var query = repo.GetQuery(); // IQueryable
query.Where(item => item.FieldName.Contains("xxx%yyy"));
It results in following statement on SQL server
exec sp_executesql N'SELECT
// clipped
WHERE ([Extent1].[FieldName] LIKE #p__linq__0 ESCAPE N''~'')',
N'#p__linq__0 nvarchar(4000),#p__linq__0=N'%xxx~%yyy%'
#p__linq__0=N'%xxx~%yyy% causes the SQL server to look for xxx%yyy with % as literal (as it is escaped) while I would like it to match string like xxx123yyy, xxxABCyyy, xxxANYTHINGyyy, xxxyyy etc. Addition of prefix % and suffix % is fine but I could do it manually if needed.
In the above example I have simplified and written only one where condition but I have a dynamic logic that build the predicate with many of such keywords and I would like to allow the wildcards to be embedded inside the keywords. Is there a way to tell EF not to escape the % in the search keyword?

It is not possible. Contains("xxx") means that in SQL you want LIKE '%xxx%'. Linq-to-entities and none of its String mapped methods offer full wildcard searching = any wildcard character is always escaped. If you want to use wildcard searching you must use Entity SQL.

Related

Rails ActiveRecord sanitize_sql replaces ? in string

I have a plain SQL query written by a trusted administrator that is to be run in a Rails (4.2) app. I am sanitizing it with ActiveRecord::Base.send(:sanitize_sql, ...) to allow user inputs to act as conditions, using the ? character for bind variables. The code has to allow arbitrary SQL, so I'm not interested in the arguments about why this is not the Rails way, etc.
The problem is that I can not include ? in a result field in the SQL without the underlying replace_bind_variables method replacing an intended literal ? in the result.
A simple query for example would be:
select 'http://www.google.com?q=' || res from some_table where a = ?;
To sanitize:
ActiveRecord::Base.send(:sanitize_sql, [sql, 'not me'], :some_table)
The sanitization fails because the ? in the URL gets replaced with the data intended for the condition, leading to the exception:
ActiveRecord::PreparedStatementInvalid: wrong number of bind variables (1 for 2)
The question is, does sanitize_sql or some variant allow literal ? characters to be included in a query so that they are not replaced? Is there some way of escaping them?
In the end I read through the ActiveRecord source and couldn't identify a way to handle this situation without a lot of code changes. There doesn't appear to be a way to escape the ? characters.
To resolve it for this one query I ended up using the SQL chr() function to generate a character that would pass the santization step untouched:
select 'http://www.google.com' || chr(63) || 'q=' || res from some_table where a = ?;
ASCII character 63 is ?.
Although not a perfect solution, I could at least get this one SQL query into the system without having to make massive code changes.

Rails NOT IN query and regexp

I have array of strings:
a = ['*#foo.com', '*#bar.com', '*#baz.com']
I would like to query my model so I will get all the records where email isn't in any of above domains.
I could do:
Model.where.not(email: a)
If the list would be a list of strings but the list is more of a regexp.
It depends on your database adapter. You will probably be able to use raw SQL to write this type of query. For example in postgres you could do:
Model.where("email NOT SIMILAR TO '%#foo.com'")
I'm not saying thats exactly how you should be doing it but it's worth looking up your database's query language and see if anything matches your needs.
In your example you would have to join together your matchers as a single string and interpolate it into the query.
a = ['%#foo.com', '%#bar.com', '%#baz.com']
Model.where("email NOT SIMILAR TO ?", a.join("|"))
Use this code:
a = ['%#foo.com', '%#bar.com', '%#baz.com']
Model.where.not("email like ?",a.join("|"))
Replace * to % in array.

Neo4j - search like query with non english characters

Is there an option in neo4j to write a select query with where clause, that ignores non-latin characters ?
MATCH (places:Place)
WHERE (places.name =~ '.*(?ui)Fabergé.*')
RETURN places
I have place with Fabergé name in graph and i want to find it when user type Fabergé or Faberge without this special character.
I'm not aware of an easy way to do this directly with a regex match in Cypher.
One possible workaround is to store the string in question in a normalized form in a second property e.g. place.name_normalized and then compare it with the normalized search string. Of course normalization needs to be done on client side, see another SO question on how to achive this: Remove diacritical marks (ń ǹ ň ñ ṅ ņ ṇ ṋ ṉ ̈ ɲ ƞ ᶇ ɳ ȵ) from Unicode chars

Apache solr not work with special character for search?

I am creating search query for filter my data it not filter as per my expectation
my query string is :Reinvestment Act of 2009 - RD&D
its not return me any result
after replace string : Reinvestment Act of 2009 / RD&D
its working fine.
is there any limitation at solr search if yes then which special char are not allowed.
what alternative to search using special character using solr
Solr query parsers treat certain characters specially. For example, - means exclude the next term in the Solr Query Parser syntax. You can escape these special characters with a backslash, or enclose them in quotes.
You can find more information in the Solr query documentation.

Symfony, propel, question mark

I want to create a search function on my website, and I don't want to use a plugin for this thing, because it's very simple, but I can't solve this problem:
I give the keyword to the model which creates a query, but I couldn't figure out how to put joker characters in this query.
I'm using Propel
Dennis
The filterByXXX() query functions will use LIKE when your query contains wildcards:
$books = BookQuery::create()
->filterByTitle('War%')
->find();
// example Query generated for a MySQL database
$query = 'SELECT book.* from `book` WHERE book.TITLE LIKE :p1'; // :p1 => 'War%'
Remember, the wildcards you can use in SQL are _ for exactly one and % for zero or more characters. So not ? or *.

Resources