Closed cdujeu closed 9 years ago
milo
commented
9 years ago The PostgreSQL specifies two special chars in LIKE pattern: the _ and %. So, this two must be escaped in user input.
Problem may be the standard_conforming_strings directive.
Imho, the right solution is the:
return 'E' . ($pos <= 0 ? "'%" : "'") . $value . ($pos >= 0 ? "%'" : "'");It should work with any PostgreSQL setting. Can you confirm that?
JanTvrdik
commented
9 years ago Does this directly affect only LIKE?
cdujeu
commented
9 years ago hi guys sorry I was not available yesterday. from my initial debugging / testing, escaping with \ was finally executing a request with eg. _ instead of That's why I changed the line. I'll try with your last commits and tell you. And yes it was affecting only like, as is a specific wildcard used in LIKE queries. -c
milo
commented
9 years ago @cdujeu I hope it is solved by #160
cdujeu
commented
9 years ago @milo currently using the minified version, could you generate such a file including your latest commits? Will be more straightforward to test... thx in advance
milo
commented
9 years ago @cdujeu Unfortunately not. @dg has the minifier. The /dibi only directory and the dibi/dibi.php loading should work...
cdujeu
commented
9 years ago @dg any quick help on this ;-) ?
cdujeu
commented
9 years ago Confirmed. Thank you so much to all for your reactivity.
Hi David,
First of all, thanks for your great work. As you maybe already know, Dibi is our historical ORM for the Pydio project, and we love it: doing the job efficiently, and very lightweight (we embed the minified version). I'm not totally sure this is an issue, or maybe a postgre config or version problem, I must admit I'm not a PG expert. We are encountering an issue with LIKE queries containing an underscore, and I happened to fix this by changing the escapeLike function of the PG driver to replace '' by _ instead of \ . Which gives for the escapeLike function
Do you know if it's a bug or something wrong on my -db- side? Using PG 9.3 BTW.
Cheers Charles