We pre-process the search query with our own simple code, converting
"and" and "or" and verifying that the resulting query is acceptable.
Ultimately, we fall back to a method that just checks against TSearch2
itself to verify the query is "OK":
def _validate_query(querystring):
""" validates the internal form of the query strings to be used
with TSearch2/Postgres.
Returns a boolean with the validation, and warns to the standard
logging handle if an invalid query was used.
"""
ll=logging.getLogger("searcher")
cursor = connection.cursor()
query = "SELECT count(to_tsquery('default',%s))"
row = None
try:
cursor.execute(query,[querystring])
row = cursor.fetchone()
except Exception:
ll.warn("search query reported invalid: %s" % querystring)
return False
return True
On 7/26/07, John <[EMAIL PROTECTED]> wrote:
>
> SELECT *, rank(ts_vec, to_tsquery('default', 'lc & 11(')) FROM us
> WHERE ts_vec @@ to_tsquery('default', 'lc & 11(') LIMIT 9 OFFSET 0
> this query gives an error
> in tsearch2
> saying syntax error
> any idea on how 2 strip the non safe tsearch stuff
> before feeding it to sql
> this is from a web search interface?
> psycopg2.ProgrammingError at /search ->
> if i give inpu as lc !! (
> is there a list of characters that need to stripped out before doing
> @@ in tsearch2
>
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
