Is there anyway in ruby on rails to make a query using regexp?
I think it might depend on the database. I know in MySQL you can do something like:
Model.find(:conditions => "field REGEXP '.*'")
if you want a true regex, or you can use the LIKE syntax for similar string matching.
While it doesn't have regex, there's also a gem called MetaWhere that provides more advanced finder functionality.
Related
How can i search full text with sentence and search any word matched or different configuration
example:
"professor john smith" is searching in model title
it have to display result which matched the "proffessor john smith", "professor john" ", "proffesson smith"
There are lots of fulltext search technologies supports rails. elasticsearch and solar search ar eone of them
Rails cast about integrating solar search is here
There are some technologies compatible with rails. For example sunspot, as #scottxu wrote, or elasticsearch, as #knotito said. Good solution also - sphinx (fast and lite) and thinking_sphinx gem. If you use postgresql as database, and you do not want use external solutions - you can choose pg_search gem, that emplements fulltext search with pg technologies only. I prefer elasticsearch, but it requires JVM, and some people don't like this.
updated:
how to use pg_search:
First, you should add pg_search to gemfile, make bundle install, and add to your model something like:
include PgSearch
pg_search_scope :search_by_title, :against => :title
if you didn't do it before.
After, you can try to test it in rails console:
Professor.search_by_title('professor smith')
For fulltext searches you can use Elasticsearch
To implement that you can follow this railscast
you can use sunspot
description:
Sunspot is a Ruby library for expressive, powerful interaction with the Solr search engine. Sunspot is built on top of the RSolr library, which provides a low-level interface for Solr interaction; Sunspot provides a simple, intuitive, expressive DSL backed by powerful features for indexing objects and searching for them.
Looking through the rails code, I can't see where conditional validation gets executed... when you pass a string or an symbol to :if it supposedly does an eval for strings and a send for symbols... where does that happen?
Been trying to follow it through the code but I can't find where the if options are split into send or eval and how that all works. Just trying to learn and follow the through how rails does it.
https://github.com/rails/rails/blob/master/activemodel/lib/active_model/validator.rb
https://github.com/rails/rails/blob/master/activemodel/lib/active_model/validations.rb
Thanks!
This method is responsible for all the symbols, strings and lambdas being executed. Seems that Rails is using activesupport callbacks to implement validations.
how can i integrate Convert_tz of Mysql in thinking sphinx?
i tried to look up for answers but i'am not able to find any.
I'am using ruby - 1.9.3 and rails 3.2 thinking sphinx 2.0.11
eg:
Model.search("", with: {attribute: ">=CONVERT_TZ(#{Time.now}, 'UTC', 'America/New_York')" })
Sphinx has no concept of timezones, and so it doesn't have the CONVERT_TZ function (or anything like it). By default, Sphinx will store times as whatever they're in your database as (very likely UTC), so your best bet is to convert times to the appropriate UTC values when filtering.
And if you want to use greater-than/less-than logic in filters, it needs to be done as a range:
Model.search with: {attribute: Time.zone.now..1.year.from_now}
I have run a static code analysis tool (brakeman) on a rails app and it has reported some SQL Injection vulnerabilities which I suspect may be false positives. The offending lines look like this:
#things_controller.rb
def index
Thing.select(params[:columns]).where(params[:conditions])
end
I can't figure a way to exploit this, but it does seem rather open-ended, is this safe enough (this controller requires admin access anyway) or can it be exploited?
Ruby is 2.0.0-p247,
Rails is 4.0.0
While rails has some built-in filters for special characters, this is definitely vulnerable:
http://guides.rubyonrails.org/security.html#sql-injection
If you want to test it yourself, run a full scan with sqlmap using the url of this action with a conditions GET parameter
Trying to get searching working on Heroku using partial search
The following query generates an SQL error on Heroku, but works correctly in my locally version:
#events.search(params[:search]+":*")
I am using the Heroku shared database service, is this a possible difference in syntax between PostgreSQL versions?
What syntax should I be using to do a partial matching searching against a full-text index in PostgreSQL 8?
Here are the changes in PostgreSQL 9.1.
Perhaps you could try using string interpolation instead of concatenation.
#events.search("#{params[:search]}:*")
I'm not really sure what the kiss emoticon :* adds to texticle's functionality. Maybe I need to learn more SQL.
It turns out that PostgreSQL version 8 does not support partial searches using the :* syntax.
As http://www.postgresql.org/docs/9.0/interactive/textsearch-controls.html#TEXTSEARCH-PARSING-QUERIES says, using ":" is for specify prefix matching. E.g. If searching "Australia" with "Aus:" will work but not "ust:*".
So concat OR xxxx LIKE "%yyy%" will works better
You can use the tsearch option with a prefix:
:tsearch => {:prefix => true}