Re: Any way to NOT escape a percent sign using 'contains'?

Fri, 30 Jan 2009 04:33:59 -0800 

Thanks for the advice.  I was kinda thinking I would have to use regex.
I hadn't thought of puting the replace() in a custom cleaning method,
but I agree that sounds like a good place to put it.

On Fri, 2009-01-30 at 13:59 +1100, Malcolm Tredinnick wrote:
> On Thu, 2009-01-29 at 18:47 +0000, Adam Stein wrote:
> > According to the docs, when using 'contains' in filter() a percent sign
> > or underscore is automatically escaped.  However, in my case I want the
> > resulting SQL to use the percent sign.
> > 
> > I know 'contains' will fill in the outside percent signs, but it escapes
> > the percent sign in my string.  So that calling:
> > 
> >     Entry.objects.filter(headline__contains='a%b')
> > 
> > will result in:
> > 
> >     SELECT ... WHERE headline LIKE '%a\%b%';
> 
> Because the "contains" lookup type is used to look for string
> containment, not as a proxy for SQL. We deliberately try to not leak the
> underlying SQL abstraction (the storage backend may not even be SQL,
> after all).
> 
> > 
> > but I want it to be this instead:
> > 
> >     SELECT ... WHERE headline LIKE '%a%b%';
> > 
> > This there an easy way to do this?
> > 
> > I could use regexp, but I didn't want people to know that they would
> > have to use "a.*b" instead of "a*b", just trying to make it simplier for
> > myself and the people using the system.
> 
> Well, the regexp lookup type is for this purpose, so it's the right tool
> to use at the code level. The point about the user-interface is well
> taken, but it doesn't have to be a transparent pass-through. What I
> would suggest is converting your value by doing using
> 
>         value = value.replace('%', '.*')
>         
> at some point. If these values are coming in through a form field, a
> custom cleaning method for the form field would be a nice level to this
> at, for example.
> 
> Regards,
> Malcolm
> 
> 
> 
> -- 
Adam Stein @ Xerox Corporation       Email: a...@eng.mc.xerox.com

Disclaimer: Any/All views expressed
here have been proven to be my own.  [http://www.csh.rit.edu/~adam/]


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to