Re: Use of with conjunctions

Sat, 12 Mar 2005 15:14:13 -0800 



Is there any other way rather than making the extra queries?


Ok, so after posting this it hit me. I could use a simple <isNotEmpty> property and nest the
iterator in it. It requires copying the whole iterator twice but it is easier and better than making the extra query statement.

I am having problems with the conjunction though, meaning that the conjunction isn't giving me the desired effect.

Here is the whole code:

<isEmpty property="search_terms">
<iterate prepend = "AND" property = "keywords" open = "(" close = ")"
        conjunction = "AND">
        <isNotEmpty property= "search_fields" >
                post.title ilike '%$keywords[]$%' or
        </isNotEmpty>
        post.text ilike '%$keywords[]$%'
</iterate>)
</isEmpty>

<isNotEmpty property="search_terms">
<iterate prepend = "AND" property = "keywords" open = "(" close = ")"
        conjunction = "AND">
        <isNotEmpty property= "search_fields" >
                post.title ilike '%$keywords[]$%' or
        </isNotEmpty>
        post.text ilike '%$keywords[]$%'
</iterate>)
</isNotEmpty>

The parenthesis ) after the closing iterate tag is not a bug, it is being done inside a subquery and that's the closing parenthesis.

If i execute the query manually:

(...
and (post.title ilike '%tecnologia%' or post.text ilike '%tecnologia%')
and (post.title ilike '%sirve%' or post.text ilike '%sirve%'))

It gives me exactly 1 result, which is what i am looking for.

However, if i execute this query manually:

(...
and (post.title ilike '%tecnologia%' or post.text ilike '%tecnologia%'
and post.title ilike '%sirve%' or post.text ilike '%sirve%'))

Notice the lack of the parenthesis after tecnologia and bfore the second post.title.
It gives me the same results as when i use the conjunction OR.

Is the iterator not using the parenthesis properly? Is the conjunction in sqlmap working?
Am i doing something stupid that i am not seeing?

I tried seaching for only "tecnologia" and then "tecnologia" or "sirve" with sqlmaps, and i
am getting the proper results, so i don't think i am making a mistake.

For kicks, i tried setting both iterators to AND to just check if the code was never executing properly.

--
Francisco Javier Le�n Arosemena
X Semestre de Lic. en Computaci�n
Maracaibo, Edo. Zulia, Venezuela

Reply via email to