Re: SQL: forbidden syntax search
On Sun, Nov 16, 2003 at 03:31:18AM +0100, M. Bader wrote: Hi, I need a little help on my SQL syntax. I want to store forbidden inputs from the GUI in a table and query it on input from the user; This doesn't answer your question specifically, but rather, describes a separate solution... simple layout: CREATE TABLE `forbidden_input` (`lfdnr` TINYINT (3) UNSIGNED DEFAULT '0' AUTO_INCREMENT, `input` VARCHAR (255) NOT NULL, PRIMARY KEY(`lfdnr`), UNIQUE(`input`)); Content is something like this: 1,'+' 2,'^' 3,'' 4,'' 5,'(' 6,')' 7,'~' 8,'' 9,'%' Must the forbidden inputs be in a table? Couldn't you use the regular expression syntax instead? Something like: SELECT `input` FROM lok_forbidden_input WHERE 'Hello World' regexp '[+^()~%]'; (This is utterly untested. Tweak as neccessary. You might need to backquote some characacters there...) The point being, you can build your regular expression to contain a list of weird characters you want to match. -- Brian 'you Bastard' Reichert[EMAIL PROTECTED] 37 Crystal Ave. #303Daytime number: (603) 434-6842 Derry NH 03038-1713 USA BSD admin/developer at large -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]
SQL: forbidden syntax search
Hi, I need a little help on my SQL syntax. I want to store forbidden inputs from the GUI in a table and query it on input from the user; simple layout: CREATE TABLE `forbidden_input` (`lfdnr` TINYINT (3) UNSIGNED DEFAULT '0' AUTO_INCREMENT, `input` VARCHAR (255) NOT NULL, PRIMARY KEY(`lfdnr`), UNIQUE(`input`)); Content is something like this: 1,'+' 2,'^' 3,'' 4,'' 5,'(' 6,')' 7,'~' 8,'' 9,'%' The Query shall be something like (Where 'Hello World' will later be substituted with the user's input by PHP.): SELECT `input` FROM lok_forbidden_input WHERE 'Hello World' like '%\%'; I get a strange behavior here, which I can't explain myself: I get either no results or all results. More bad: I originally wanted to compare the table content agains the user's input. So the query should rather look like this: SELECT `input` FROM lok_forbidden_input WHERE 'Ha%llo Welt' like '%\'+`input`+'%'; But here I get a problem with the backslash with should mask out something like '%' in table's row number 9. Where am i wrong here? Thanks for any help Maik -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe:http://lists.mysql.com/[EMAIL PROTECTED]