Closed cdujeu closed 9 years ago
The PostgreSQL specifies two special chars in LIKE pattern: the _
and %
. So, this two must be escaped in user input.
Problem may be the standard_conforming_strings
directive.
Imho, the right solution is the:
return 'E' . ($pos <= 0 ? "'%" : "'") . $value . ($pos >= 0 ? "%'" : "'");
It should work with any PostgreSQL setting. Can you confirm that?
Does this directly affect only LIKE?
hi guys sorry I was not available yesterday. from my initial debugging / testing, escaping with \ was finally executing a request with eg. _ instead of That's why I changed the line. I'll try with your last commits and tell you. And yes it was affecting only like, as is a specific wildcard used in LIKE queries. -c
@cdujeu I hope it is solved by #160
@milo currently using the minified version, could you generate such a file including your latest commits? Will be more straightforward to test... thx in advance
@cdujeu Unfortunately not. @dg has the minifier. The /dibi
only directory and the dibi/dibi.php
loading should work...
@dg any quick help on this ;-) ?
Confirmed. Thank you so much to all for your reactivity.
Hi David,
First of all, thanks for your great work. As you maybe already know, Dibi is our historical ORM for the Pydio project, and we love it: doing the job efficiently, and very lightweight (we embed the minified version). I'm not totally sure this is an issue, or maybe a postgre config or version problem, I must admit I'm not a PG expert. We are encountering an issue with LIKE queries containing an underscore, and I happened to fix this by changing the escapeLike function of the PG driver to replace '' by _ instead of \ . Which gives for the escapeLike function
Do you know if it's a bug or something wrong on my -db- side? Using PG 9.3 BTW.
Cheers Charles