Using sunspot and solr 4+ is there a way to automatically escape special characters.
For example in a simple fulltext search like:
Post.search do
fulltext term
end
If the term contains any of the special chars (http://lucene.apache.org/core/4_0_0/queryparser/org/apache/lucene/queryparser/classic/package-summary.html#Regexp_Searches) then they should be auto escaped.
Inside your initializers file add following code
RE_ESCAPE_SOLR = /([-+!\(\)\{\}\[\]^"~*?:\\]|&&|\|\|)/
class String
def escape_solr
gsub(RE_ESCAPE_SOLR) { |e| "\\#{e}" }
end
end
and whenever searching for anything you can just call
Post.search do
fulltext term.escape_solr
end
Related
I am trying to use the Internationalization feature of the Play Framework.
It involves the creation of a new conf file for each language that we want to support. Example for french we create a messages.fr file in the conf folder.
Inside it we define key-values like this:
Hello.World = 'Bonjour le monde'
Now the issue is that I have lines that contain characters like "," and "(" and if these are included in the key then we get the error in parsing from the MessageApi
Example
Hello.(World) = 'Bonjour (le monde)'
Here the "(" before and after World is throwing an error while parsing.
Anyone having any idea how we could achieve this?
Try to escape these special characters:
Hello.\(World\) = 'Bonjour (le monde)'
Other examples:
string_one = String for translation 1
string_two = one + one \= two
# String key with spaces
key\ with\ spaces = This is the value that could be looked up with the key "key with spaces".
# Backslash in value should be escaped by another backslash
path=c:\\wiki\\ templates
Also, you can try to escape special characters by using Java Unicode:
Hello.\u0028World\u0029 = 'Bonjour (le monde)'
Reference - How to escape the equals sign in properties files
I inserted a bunch of rows with a text field like content='...\n...\n...'.
I didn't use e in front, like conent=e'...\n...\n..., so now \n is not actually displayed as a newline - it's printed as text.
How do I fix this, i.e. how to change every row's content field from '...' to e'...'?
The syntax variant E'string' makes Postgres interpret the given string as Posix escape string. \n encoding a newline is only one of many interpreted escape sequences (even if the most common one). See:
Insert text with single quotes in PostgreSQL
To "re-evaluate" your Posix escape string, you could use a simple function with dynamic SQL like this:
CREATE OR REPLACE FUNCTION f_eval_posix_escapes(INOUT _string text)
LANGUAGE plpgsql AS
$func$
BEGIN
EXECUTE 'SELECT E''' || _string || '''' INTO _string;
END
$func$;
WARNING 1: This is inherently unsafe! We have to evaluate input strings dynamically without quoting and escaping, which allows SQL injection. Only use this in a safe environment.
WARNING 2: Don't apply repeatedly. Or it will misinterpret your actual string with genuine \ characters, etc.
WARNING 3: This simple function is imperfect as it cannot cope with nested single quotes properly. If you have some of those, consider instead:
Unescape a string with escaped newlines and carriage returns
Apply:
UPDATE tbl
SET content = f_eval_posix_escapes(content)
WHERE content IS DISTINCT FROM f_eval_posix_escapes(content);
db<>fiddle here
Note the added WHERE clause to skip updates that would not change anything. See:
How do I (or can I) SELECT DISTINCT on multiple columns?
Use REPLACE in an update query. Something like this: (I'm on mobile so please ignore any typo or syntax erro)
UPDATE table
SET
column = REPLACE(column, '\n', e'\n')
Assume a value has all windows special characters including "-" and it cannot be inserted directly to Mongo.
where i can find the mongo db special character restrictions?
How to escape while saving or retrieving?
example, do we need to pass the value within brackets ([...])? how to insert and retrieve the record with special character.
Thanks.
Values in MongoDB can be any UTF-8 string. Escaping would be the responsibility of your client program. Depending on which client program / language driver you are using, you would need to use the necessary escape character(s) for that language.
Since you mentioned that you're using Jongo, that means that you're using Java and the mongo-java-driver. In Java, you can just use the unicode escape sequence for the character you're trying to use. For example, \u2014 is the em-dash character.
For example:
DB db = new MongoClient().getDB("test");
Jongo jongo = new Jongo(db);
MongoCollection collection = jongo.getCollection("mycollection");
collection.insert("{fieldWithDash: 'x-y', fieldWithEmDash: 'x\u2014y'}");
Test test = collection.findOne("{fieldWithEmDash: 'x\u2014y'}").as(Test.class);
System.out.println(test);
This:
MongoCollection.findOne(query, parameter)
resolved the problem.
Query and parameter explicite:
MongoCollection.findOne("{ empName: # }", empName)
I need to update a record, which contains literal percent signs, using PostgreSQL in Railo. The query looks like
<cfquery>
update foo set bar = 'string with % in it %'
</cfQuery>
It throws error as ColdFusion normally interprets it as a wildcard character. I can escape it using the following query.
<cfquery>
update foo set bar = 'string with escaped \% in it \%'
</cfQuery>
However, the record now contains "\%" in the database and will be displayed on the page as "\%".
I found a documentation with an example of escaping percent sign in a SELECT. But it does not work for me: syntax error at or near "ESCAPE".
SELECT emp_discount
FROM Benefits
WHERE emp_discount LIKE '10\%'
ESCAPE '\';
Is there a better to achieve the same goal? The underlining database is PostgreSQL. Thanks!
Queryparameters escape special characters. Yet another reason to use them.
In JPQL what is escape character we can use to escape characters such as "'"?
Ex : I am doing something like
...where person.name='Andy'
Here it is working fine
but when the person's name is Andy's then the where clause becomes like
...where person.name='Andy's'
and it returns an error saying
It cannot figure out where string literal ends. Solution is nicely told in specification:
A string literal that includes a single quote is represented by two
single quotes—for example: ‘literal’’s’.
In your case means:
...where person.name='Andy''s'
Below is the sample code for executing query using named parameter.
Query query = entityManager.createQuery("SELECT p FROM Person p WHERE p.name LIKE :name" );
query.setParameter("name", personName);
Here, you can pass string to personName which may contain special character like "Andy's".
Also, it looks much clean & doesn't require to check parameter before query execution & altering the search string.