Making MODEL.objects.raw() query with LIKE input%
Hi All, my question is linked to this thread, so I post here I need to run sql query with LIKE and % in the end - I have tried %% and : CLASSNAME.objects.raw("select * from table where full_name like %s%% ", [user_input]) this is what I get as sql: select * from table where full_name LIKE 'user_input'% I would like to use raw() method as it nicely maps data to model. Is there a way to append % to parameter so that LIKE works as startswith? or can I somehow securely escape input to use with format string? PS. I need object.raw(). I learned about djangoish way - but unfortunately it is not enough - I need raw sql -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Making MODEL.objects.raw() query with LIKE input%
On Nov 9, 10:06 pm, xvga wrote: > Hi All, > > my question is linked to this thread, so I post here > > I need to run sql query with LIKE and % in the end - I have tried %% > and : > CLASSNAME.objects.raw("select * from table where full_name like %s%% > ", [user_input]) > this is what I get as sql: > select * from table where full_name LIKE 'user_input'% > > I would like to use raw() method as it nicely maps data to model. > > Is there a way to append % to parameter so that LIKE works as > startswith? > or can I somehow securely escape input to use with format string? > > PS. I need object.raw(). I learned about djangoish way - but > unfortunately it is not enough - I need raw sql Well, if that's your actual query, you don't need raw SQL: you can just do foo.objects.filter(full_name__icontains=user_input). But presuming this is just an example, you'll need to include the % in the user_input variable itself: user_input = "%s%%" % user_input CLASSNAME.objects.raw("select * from table where full_name like %s", [user_input]) -- DR. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Making MODEL.objects.raw() query with LIKE input%
Daniel, thank you very much :) You are right, that was just an example query > user_input = "%s%%" % user_input did the trick. On Nov 10, 11:28 am, Daniel Roseman wrote: > On Nov 9, 10:06 pm, xvga wrote: > > > > > Hi All, > > > my question is linked to this thread, so I post here > > > I need to run sql query with LIKE and % in the end - I have tried %% > > and : > > CLASSNAME.objects.raw("select * from table where full_name like %s%% > > ", [user_input]) > > this is what I get as sql: > > select * from table where full_name LIKE 'user_input'% > > > I would like to use raw() method as it nicely maps data to model. > > > Is there a way to append % to parameter so that LIKE works as > > startswith? > > or can I somehow securely escape input to use with format string? > > > PS. I need object.raw(). I learned about djangoish way - but > > unfortunately it is not enough - I need raw sql > > Well, if that's your actual query, you don't need raw SQL: you can > just do foo.objects.filter(full_name__icontains=user_input). > > But presuming this is just an example, you'll need to include the % in > the user_input variable itself: > > user_input = "%s%%" % user_input > CLASSNAME.objects.raw("select * from table where full_name like > %s", [user_input]) > -- > DR. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.