Product Search Question

Apr 7, 2007

I have a search box on my website which is used to search the products database.

I will be using the search text in an SQL stored procedure that uses LIKE statements. The search string could realistically contain any character.

How do I prevent SQL injection when any search string is reasonably feasible? .

 

View 2 Replies


ADVERTISEMENT

Transact SQL :: Get All Children Of A Product With Product ID In Result Set

Aug 30, 2015

I am using the code below to get all the children of a particular product and it is working fine. How to get the particular product's id in the select statement. for example, i need to show 891 in a separate column for all the records returned by the query below.

DECLARE @Hierarchy TABLE (Product_Id INT, Parent_Product_Id INT)
INSERT INTO @Hierarchy VALUES (123, 234)
INSERT INTO @Hierarchy VALUES (234, 456)
INSERT INTO @Hierarchy VALUES (456, 678)
INSERT INTO @Hierarchy VALUES (678, 891)
INSERT INTO @Hierarchy VALUES (891, NULL)

[Code] .....

View 3 Replies View Related

SQL 2000 MS Search: Boolean Search Doesn't Work When Search By Phrase

Aug 9, 2006

I'm just wonder if this is a bug in MS Search or am I doing something wrong.

I have a query below

declare @search_clause varchar(255)

set @Search_Clause = ' "hepatitis b" and "hepatocellular carcinoma"'

select * from results

where contains(finding,@search_clause)

I don't get the correct result at all.

If I change my search_clause to "hepatitis" and "hepatocellular carcinoma -- without the "b"

then i get the correct result.

It seems MS Search doesn't like the phrase contain one letter or some sort or is it a know bug?

Anyone know?

Thanks

View 3 Replies View Related

Help W/ Stored Procedure? - Full-text Search: Search Query Of Normalized Data

Mar 29, 2008

 Hi -  I'm short of SQL experience and hacking my way through creating a simple search feature for a personal project. I would be very grateful if anyone could help me out with writing a stored procedure. Problem: I have two tables with three columns indexed for full-text search. So far I have been able to successfully execute the following query returning matching row ids:  dbo.Search_Articles        @searchText varchar(150)        AS    SELECT ArticleID     FROM articles    WHERE CONTAINS(Description, @searchText) OR CONTAINS(Title, @searchText)    UNION    SELECT ArticleID     FROM article_pages    WHERE CONTAINS(Text, @searchText);        RETURN This returns the ArticleID for any articles or article_pages records where there is a text match. I ultimately need the stored procedure to return all columns from the articles table for matches and not just the StoryID. Seems like maybe I should try using some kind of JOIN on the result of the UNION above and the articles table? But I have so far been unable to figure out how to do this as I can't seem to declare a name for the result table of the UNION above. Perhaps there is another more eloquent solution? Thanks! Peter 

View 3 Replies View Related

SQL Search :: Full Text Search With Single Character Returns All Rows

Jul 21, 2015

Our clients want to be able to do full text search with a single letter. (Is the name Newton, Nathan, Nick?, Is the ID N1, N2...). Doing a single character full text search on a table work 25 out of 26 times. The letter that doesn't work is 'n'. the WHERE clause CONTAINS(full_text_field, ' "n*" ') returns all rows, even rows that have no 'n' in them anywhere. Adding a second letter after the "n" works as expected.

Here is an example

create table TestFullTextSearch (
Id int not null,
AllText nvarchar(400)
)
create unique index test_tfts on TestFullTextSearch(Id);
create fulltext catalog ftcat_tfts;

[Code] ....

View 4 Replies View Related

SQL Server 2014 :: Semantic Search Not Finding Keywords Identified By Full-Text Search?

Nov 6, 2014

I have a scenario of where the standard Full-Text search identifies keywords but Semantic Search does not recognize them as keywords. I'm hoping to understand why Semantic Search might not recognize them. The context this is being used in medical terminology and the specific key words I noticed missing right off the bat were medications.

For instance, if I put the following string into a FT indexed table

'J9355 - Trastuzumab (Herceptin)'
AND
'J9355 - Trastuzumab emtansine'

The Semantic Search recognized 'Herceptin' and 'Emtansine' but not 'Trastuzumab'

Nor in

'J8999 - Everolimus (Afinitor)'

It did not recognize 'Afinitor' as a keyword.

In all cases the Base of Full-Text did find those keywords and were identifiable using the dmvsys.dm_fts_index_keywords_by_document.It does show the index as having completed.

why certain words might not be picked up while others would be? Could it be a language/dictionary issue? I am using English and accent insensitive settings?

View 0 Replies View Related

Create Site Search Using Sql Server Full Text Search

Jul 24, 2007

would you use sql server "full text search" feature as your site index?  from some reason i can't make index server my site search catalog, and i wonder if the full text is the solution. i think that i wll have to you create new table called some thing like "site text" and i will need to write every text twice- one the the table (let's say "articles table") and one to the text. other wise- there is problems finding the right urlof the text, searching different tables with different columns name and so on...
so i thought create site search table, with the columns:
id, text, url
and to write every thing to this table.
but some how ot look the wrong way, that every forum post, every article, album picture or joke will insert twice to the sqr server...
what do you think? 

View 1 Replies View Related

SQL Search :: Full Text Search Of PDF Files In A File Table

Mar 30, 2013

I have installed the Adobe iFilter 11 64 bit and set the path to the bin folder. I still cannot find any text from the pdf files. I suspect I am missing something trivial because I don't find much when I Bing for this so it must not be a common problem.Here is the code.

--Adobe iFilter 11 64 bit is installed
--The Path variable is set to the bin folder for the Adobe iFilter.
--SQL Developer version 64 bit on both Windows 7 and Windows 8.
USE master;
GO
DROP DATABASE FileTableStudy;
GO
CREATE DATABASE FileTableStudy
ON PRIMARY

[code]....

View 14 Replies View Related

How Can I Search Throught DOCX (MS Word 2007) Documents By SQL Server 2005 Full Text Search Engine?

Dec 11, 2006

How can I search throught DOCX (MS Word 2007) documents by SQL Server 2005 Full Text Search engine?

Should I something download?

View 6 Replies View Related

Full-Text Search: Prefix / Suffix Search

Sep 14, 2004

Please help me to create an SQL Server 2000 Stored Procedure for using prefix and suffix terms.

Example:

Say I want to find "Terminator" (1984).

I want to be able to use "Term" or "ator" as search results and still return the proper record.

Here is my Stored Procedure creation sql:


CREATE PROCEDURE sps_searchTitles(@searchTerm varchar(255)) AS
SELECT * FROM Video
WHERE FREETEXT (Video.*, '"*@searchTerm*"')
GO


--- The above does not appear to properly check both prefix ("Term---") and suffix ("---ator") terms.

I am trying to accomplish what is similarly done with LIKE '%term%'.

thanks, YM

View 1 Replies View Related

SQL 2012 :: FullText Search - Can Search Terms Come From Another Table

Mar 25, 2015

I have a table that contains words that will be used to search another table where FullText index has been created on searchable columns. I'm basically trying to run something like this:

SELECT t1.col1, t2.col3
FROM tbl1 t1, tbl2 t2
WHERE CONTAINS (t1.col1, t2.col1)

I know this won't work but is there a way to join these two tables so the words (t2.col1) can be passed as search conditions? There is no common key on both tables so normal join won't work. I'm trying to find a way to pass the search words from one table to another.

View 0 Replies View Related

Full Text Search- Substring Search Not Working

Jul 6, 2007

I have Sql server 2005 SP2.
I enabled it for Full Text search. Substring search where i enter *word* doesn't return any row.
I have a table testtable where description has word Extinguisher.

If i run a query with *ting* it doesn't return any row.
select * from testtable where contains(description,'"*xting*"') ;

But it works if i do
select * from testtable where contains(description,'"Exting*"') ;

The Full text search document says it supports substring search.
Is it an issue with sql server 2005?Please help.

View 7 Replies View Related

SQL Search :: Can't Get Expected Results With Contains And Full Text Search?

Nov 1, 2015

I am using Sql Server 2014 Express edition.I have a table with a varchar(max) column. I have created a full text search that use the stoplist "system". column has this struct: xxx.yyy.zzz.... where xxx, yyy, zzz... are numbers, like 123.345.123123.366456...I can have rows like that:

123.345
123.345
123.345.444
123.345.555
123.345.666
123.345.444.777
123.345.444.888
123.345.555.999

I am trying this query:

select * from Mytable where
contains(MyColumn, '123.345.')

I gues the contains would return all the rows with column contains 123.345, but this does not return all the expected rows, only one row.I have tried to replace "." with "-" but the result is the same.I have also tried with '123.345.*. In this case I have got more results, but no all the exptected rows.If I use this query:

select * from MyTable where
MyCOlumn like '123.345.%';

View 12 Replies View Related

How To Search A Database For A Key Word Based Search?

Mar 1, 2007

Can anyone tell me how to search an SQL database for a given key word in a textbox? I basically have a database that has a qualifications column and this column needs to be searched for the data given in the textbox. Which is the best method to search for the data? Is it a simple SQL query or an XML based search engine type? Can anyone give any suggestions regarding this? If XML is efficient then how do I use it to query my database, as I'm pretty new in XML based searching.Thanks 

View 5 Replies View Related

How To Make A Search Engine To Search My Database

Nov 22, 2007

hi there,
 i am doing a school project and i need to have this search engine that will search the data that i have stored inside the database and display the results out
can anyone help?
thanks

View 6 Replies View Related

Why I Always See That Full Text Search Is Always Slower Than LIKE Search?

Apr 2, 2004

for example:

SELECT * from [table1] WHERE CONTAINS([msgcomment], '"fast" NEAR "performance"')

would always slower than

SELECT * from [table1] WHERE [msgcomment] = '%fast%performance%'


Why? and how can it be solved? can you help me?

:)

View 6 Replies View Related

Fulltext Search DB - Allow Users To Search Products

Dec 6, 2011

My site uses a text box to allow visitors to search products. I'm trying to design the SQL Statement to allow search's on full words, part words, and words/phrases regardless of the order the words are in.

E.g.
megger
meg
mft megger (proper order in the database is megger mft)
mft1710 (using 1710 should find the product)

This is my select statement (classic ASP)

Code:
<%
Dim RSResults__param5
RSResults__param5 = "xxx"
If (Request("searchme") <> "") Then
RSResults__param5 = Request("searchme")
End If

[Code] ....

View 1 Replies View Related

SQL Search :: Full Text Search Anomaly

Jun 24, 2015

I'm experiencing an anomaly with my Full text index.

Setup : SQL Server 2005
Indexed Table:
Assets
ID - int (PK, auto increment)
Ref - varchar(50)

[code]....

I have re-built the full-text index, no change.

View 2 Replies View Related

Product Key

May 8, 2007

Hello I installed MS SQl 2005 the eval version and it has expired. I have bought a copy now and i need to put the product keys in without having to reinstall the program. Is there anyway i can do this with having to reinstall SQl again..
Any help would be great

Randy Martin

View 1 Replies View Related

How To Buy SQL Server 7 Product

Aug 18, 1999

I want to upgrade 5 SQL Server 6.5 production boxes to SQL Server 7. I got
SQL Server 7.0 pricing and licensing list from
www.microsoft.com/sql/70/gen/pricing.htm and I think I should buy 5 SQL
Server 7.0 Combined Product/Version/Competitive Upgrade (Since I have been using SQL Server 6.5, I don’t need to buy the full product. Is this right?). I am not sure if
the upgrade offer (the price is much lower than the full product offer $699/$1399) includes the SQL Server 7.0 both software and access license.


Thanks for any help in advance.

Stella Liu

View 1 Replies View Related

Product Sub-Typing

Jul 14, 2004

Hi,

I am interested in opinions on the following,

main(product_id, short_text, price, type)
productTypes(type_id, type)
productTables(type_id, tableName)
productA(product_id, field1, field2)
productB(product_id, field1, field2)

To retrieve all products of type 'A', one must know the table name, in this case 'productA'.

Here is one method.

Create a table that contains the table name that corresponds to each product type, thus the stored procedure only needs to recieve the type_id which can be used to obtain the name of the respective table.

View 1 Replies View Related

Product Function In Sql

Jul 3, 2006

how can i get the product of two fields in sql server?

ie. i want to get like this, - select price, qty, product(price,qty) as amount from xxx - like this

View 2 Replies View Related

Need To Find Product Key

Feb 6, 2008

I am installing SQL Server x64 on a new server, and I was told to use the same license key we have for the other servers... but no one seems to know where it is. Is there any way I could see the license key for one of the working boxes so I could put it on the new one?

Thanks,

View 3 Replies View Related

SQL Server Product

Jul 20, 2005

Does anyone know of a SQL Server product that would let me do the following?Connect to the instanceConfigure thresholds like,1.Show databases not backed up in the last X days2. Show databases that are full that have logs not backed up in the lastx days/hours.3. Show jobs that have failed in the last x days.I would then like to click a process button and have it bring back anythingthat is outside those thresholds?, any thing like that in a windowsapplication?

View 1 Replies View Related

Product Of A Field

Mar 27, 2007

Hi All,

I have a field with numbers (double datatype) as values and I want a aggregate function that gives me the product of all the values in that field. Is there a way to do that in SSRS?



View 2 Replies View Related

Release Of 1.0 Product

Oct 27, 2006

I can't find any timeframe for the 1.0 release of SQL Server Everywhere. Is this information available?

View 6 Replies View Related

SQL Server Product Key

Sep 20, 2007

How can the licensing product key with which SQL Server is installed be replaced/updated?
If this is possible, will the same procedure apply both to SQL Server 2000 and SQL Server 2005?


Thanks.

View 1 Replies View Related

How To Activate Product

Jun 7, 2006

hi,

I am realy sorry that I am putting this question here since I don't know where to post this question.

We have purchased

Windows server CAL 2003 English OLP NL user CAL

with 5 user license

We got the Microsoft open license agreement after a month or so.

Now I want to know how to proceed with this license.

Since I am newbie to this kindly guide me in this regard.

thanks

View 1 Replies View Related

Which SQL Product? Everywhere Or Express

Jul 31, 2006

We are building a system that has mobile clients (laptop with XP and tablet with XP). These clients have data moving back and forth to a centralised n-tier server based system. The communications is proprietory and are very low bandwidth (5 KByte/sec).

We've decided that the best approach to handling both the reference data (ranging from trivial to a complex list of items - about 2 million rows) and the day-to-day operational data is with a database product rather than attempting to handle it ourselves within code.

The question is - what SQL platform to use? SQL Everywhere seems to be a fairly good choice except that it does not seem to support stored procedures. SQL Express is another possibility but there are concerns about the size of the footprint and managing the database engine and the database itself.

The users of the mobile client are considered computer illiterate and would not be able to manage any database administrative tasks. They only come back to base every three to six months. History has shown remote management of the machine has proven difficult (if not impossible) via the low bandwidth connection.

The machines have 512MB of RAM and only 40GB of disk. They have to support XP, Office, our client, and our GIS client. What is the best answer?

Traditionally we would have used MSDE.

Regards
Paul

View 1 Replies View Related

Interpreting Product A-2 &&>=1.978

Aug 14, 2007

Dear Jamie,
Thanks for the reply.
We have another problem to solve.

on the node we are getting product A -2 >=1.978

What does it mean (-2) ?
It is mentioned as two time slices ago. Please help me to undertand this.
From
menik

View 1 Replies View Related

SQL 2005 Product Key

Jul 20, 2007

When I was setting up my new SQL server I entered the CD-KEY off of the wrong license. I don't want to have to uninstall everything to reinstall it with the new CD-KEY.



Is there a way to change the CD-KEY after installation?

View 3 Replies View Related

Selecting Distinct Product

Sep 6, 2007

I know "select  distinct ProductId from Product  " selects  one product only  one time  how can i apply the same logic in a query like give bellow  SELECT     I.QuoteRequestItemId,     I.ProductId     ,P.StorePartNumber    from    QuoteRequestItem I  left join Product P     on I.ProductId = P.ProductId ie  product with  same productId  should be considered only oncethere should not be more than one row  with  same productId  

View 2 Replies View Related

To Find Sum Product And Subtotal

Mar 12, 2014

Here I have attached excel sheet. I want to do row wise sum, product and then sub total.

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved