On Wed, 2005-04-20 at 12:36, David Gagnon wrote:
> Michael Fuhr wrote:
>
> >On Wed, Apr 20, 2005 at 11:28:28AM -0400, David Gagnon wrote:
> >
> >
> >>I have a web interface with offers a search field. This search field
> >>will look for the string X in 12 different columns. If the string is
> >>found anywhere I return the row.
> >>
> >>The problem is that the user is eable to put spacial character like : [*
> >>This create invalid regular expression and make my sql crash.
> >>ICNUM~* #descriptionOrKeyword#
> >>
> >>Is there a way to disable all meta-character.
> >>
> >>
> >
> >Why are you doing a regular expression search if you don't want to
> >allow regular expressions?
> >
> >
> >
> Maybe there is a simple way to to this but I want find string X in
> different column. The search must not be case sensitive.
>
> So that searching "aBc" in "abcDef" return true. I don't want
> META-CHaracter. Or at least I don't want meta-character to cause errors
> (i.e.: No
>
> ERROR: invalid regular expression: brackets [] not balanced.
I would generally scrub the input before it go to postgresql. Basically
do a simple string_replace type function that replaces anything that
ISN'T alphanum with nothing.
