Not a problem... Scrub the variable before the merge... It's what I do as well.
I have a function that takes the input and scrubs it... I'm away for another
week but if you're interested, when I get back I can post the handler.
> On Jul 29, 2015, at 10:35 AM, Mike Kerner <mikeker...@roadrunner.com> wrote:
>
> The reason for using parameterized queries instead of either merging or
> appending is because of SQL injection.
>
>> On Wed, Jul 29, 2015 at 10:18 AM, PystCat <pyst...@gmail.com> wrote:
>>
>> Why not just use merge...?
>>
>> Put "John" into tVal
>> Put merge("SELECT * FROM foo WHERE(bar LIKE %[[tVal]])") into pSQL
>> OR
>> put merge("SELECT * FROM foo WHERE(bar LIKE %[[tVal]]%)") into pSQL
>>
>> I do this for all of my queries and it works fine.
>>
>> Paul
>>
>>
>>
>>
>>>> On Jul 29, 2015, at 9:45 AM, Mike Kerner <mikeker...@roadrunner.com>
>>> wrote:
>>>
>>> If I was guessing, my hunch would be that including the single-quotes is
>>> going to make the db look for strings containing %:1%, instead of using
>> the
>>> wildcards and the parameter.
>>>
>>> On Wed, Jul 29, 2015 at 9:31 AM, Mike Kerner <mikeker...@roadrunner.com>
>>> wrote:
>>>
>>>> Nope. That doesn't work, Bob. That returns nothing.
>>>>
>>>> On Tue, Jul 28, 2015 at 7:23 PM, Bob Sneidar <
>> bobsnei...@iotecdigital.com>
>>>> wrote:
>>>>
>>>>> Should be LIKE ‘:1’ or for wild cards LIKE ‘%:1%’.
>>>>>
>>>>> If you are searching for a value at the beginning, LIKE ‘:1%’ or at the
>>>>> end, LIKE ‘%:1’
>>>>>
>>>>> If searching for all, column LIKE ‘%:1%’ OR column LIKE ‘:1%’ OR column
>>>>> LIKE ‘%:1’
>>>>>
>>>>> HTH
>>>>>
>>>>> Bob S
>>>>>
>>>>>
>>>>>>> On Jul 28, 2015, at 08:16 , Mike Kerner <mikeker...@roadrunner.com>
>>>>>> wrote:
>>>>>>
>>>>>> Has anybody built any queries that use both parameters and wildcards,
>>>>> e.g.
>>>>>> in a LIKE statement?
>>>>>>
>>>>>> SELECT * FROM foo WHERE bar LIKE %:1%
>>>>>>
>>>>>> I've tried the above (error), I've tried '%':1'%' (error), and I've
>>>>> tried
>>>>>> appending the % to the container I'm passing as my :1 (doesn't work).
>>>>>>
>>>>>> I really don't want to do this the unsafe way.
>>>>>> --
>>>>>> On the first day, God created the heavens and the Earth
>>>>>> On the second day, God created the oceans.
>>>>>> On the third day, God put the animals on hold for a few hours,
>>>>>> and did a little diving.
>>>>>> And God said, "This is good."
>>>>>> _______________________________________________
>>>>>> use-livecode mailing list
>>>>>> use-livecode@lists.runrev.com
>>>>>> Please visit this url to subscribe, unsubscribe and manage your
>>>>> subscription preferences:
>>>>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>>>>
>>>>> _______________________________________________
>>>>> use-livecode mailing list
>>>>> use-livecode@lists.runrev.com
>>>>> Please visit this url to subscribe, unsubscribe and manage your
>>>>> subscription preferences:
>>>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>>>
>>>>
>>>>
>>>> --
>>>> On the first day, God created the heavens and the Earth
>>>> On the second day, God created the oceans.
>>>> On the third day, God put the animals on hold for a few hours,
>>>> and did a little diving.
>>>> And God said, "This is good."
>>>
>>>
>>>
>>> --
>>> On the first day, God created the heavens and the Earth
>>> On the second day, God created the oceans.
>>> On the third day, God put the animals on hold for a few hours,
>>> and did a little diving.
>>> And God said, "This is good."
>>> _______________________________________________
>>> use-livecode mailing list
>>> use-livecode@lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>
>> _______________________________________________
>> use-livecode mailing list
>> use-livecode@lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>
>
>
> --
> On the first day, God created the heavens and the Earth
> On the second day, God created the oceans.
> On the third day, God put the animals on hold for a few hours,
> and did a little diving.
> And God said, "This is good."
> _______________________________________________
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode
