Using 'ilike' to select rows with backslash character [PostgreSQL] - sql

I try to execute such query:
select * from my_table where table_name ilike 'PDK\1100090'
this query returns 0 rows, but in fact that table contains a row with such string. I verified that by selecting everything from that table. I also used '=' instead of ilike, and tried esaping the string with E'PDK\1100090' with no luck. I assume there is a problem with a backslash in the string but I could be wrong about that.
Thanks in advance

You claim to have tried double back slashes. Try this:
where table_name ilike 'PDK_1100090'
Does that return anything? (The underscore should match any character in that position.)
Then try for any sequence:
where table_name ilike 'PDK%1100090'
Then look for unusual characters at the beginning/ending of the string:
where table_name ilike '%PDK%1100090%'
If the double backslash isn't working, then you have some other funkiness in the string.

Replacing the query by adding 3 more backslashes solve the problem. Now it looks like this:
select * from my_table where table_name ilike 'PDK\\\\1100090'

Related

Why does using an Underscore character in a LIKE filter give me all the results?

I wrote the below SQL query with a LIKE condition:
SELECT * FROM Manager
WHERE managerid LIKE '_%'
AND managername LIKE '%_%'
In the LIKE I want to search for any underscores %_%, but I know that my columns' data has no underscore characters.
Why does the query give me all the records from the table?
Sample data:
create table Manager(
id int
,managerid varchar(3)
,managername varchar(50)
);
insert into Manager(id,managerid,managername)values(1,'A1','Mangesh');
insert into Manager(id,managerid,managername)values(2,'A2','Sagar');
insert into Manager(id,managerid,managername)values(3,'C3','Ahmad');
insert into Manager(id,managerid,managername)values(4,'A4','Mango');
insert into Manager(id,managerid,managername)values(5,'B5','Sandesh');
Sql-Fiddle
Modify your WHERE condition like this:
WHERE mycolumn LIKE '%\_%' ESCAPE '\'
This is one of the ways in which Oracle supports escape characters. Here you define the escape character with the escape keyword. For details see this link on Oracle Docs.
The '_' and '%' are wildcards in a LIKE operated statement in SQL.
The _ character looks for a presence of (any) one single character. If you search by columnName LIKE '_abc', it will give you result with rows having 'aabc', 'xabc', '1abc', '#abc' but NOT 'abc', 'abcc', 'xabcd' and so on.
The '%' character is used for matching 0 or more number of characters. That means, if you search by columnName LIKE '%abc', it will give you result with having 'abc', 'aabc', 'xyzabc' and so on, but no 'xyzabcd', 'xabcdd' and any other string that does not end with 'abc'.
In your case you have searched by '%_%'. This will give all the rows with that column having one or more characters, that means any characters, as its value. This is why you are getting all the rows even though there is no _ in your column values.
The underscore is the wildcard in a LIKE query for one arbitrary character.
Hence LIKE %_% means "give me all records with at least one arbitrary character in this column".
You have to escape the wildcard character, in sql-server with [] around:
SELECT m.*
FROM Manager m
WHERE m.managerid LIKE '[_]%'
AND m.managername LIKE '%[_]%'
See: LIKE (Transact-SQL)
Demo
As you want to specifically search for a wildcard character you need to escape that
This is done by adding the ESCAPE clause to your LIKE expression. The character that is specified with the ESCAPE clause will "invalidate" the following wildcard character.
You can use any character you like (just not a wildcard character). Most people use a \ because that is what many programming languages also use
So your query would result in:
select *
from Manager
where managerid LIKE '\_%' escape '\'
and managername like '%\_%' escape '\';
But you can just as well use any other character:
select *
from Manager
where managerid LIKE '#_%' escape '#'
and managername like '%#_%' escape '#';
Here is an SQLFiddle example: http://sqlfiddle.com/#!6/63e88/4
Underscore is a wildcard for something.
for example
'A_%' will look for all match that Start whit 'A' and have minimum 1 extra character after that
In case people are searching how to do it in BigQuery:
An underscore "_" matches a single character or byte.
You can escape "\", "_", or "%" using two backslashes. For example, "\%". If you are using raw strings, only a single backslash is required. For example, r"\%".
WHERE mycolumn LIKE '%\\_%'
Source: https://cloud.google.com/bigquery/docs/reference/standard-sql/operators
You can write the query as below:
SELECT * FROM Manager
WHERE managerid LIKE '\_%' escape '\'
AND managername LIKE '%\_%' escape '\';
it will solve your problem.

Access Queries like command Wildcard

I want to use the like command in a query to find specific results in Access. In the field that I want to utilize the like command has the wildcard (*) command in that field, which I want to search by. Is there a way around this? Example below:
SELECT *
FROM TABLE_NAME
WHERE FIELD_NAME LIKE '*'
Assuming you want to find columns that actually contain an asterisk (*) via the LIKE operator, here is an idea to try (see http://office.microsoft.com/en-us/access-help/using-wildcard-characters-in-string-comparisons-HP001032284.aspx )
SELECT *
FROM TABLE_NAME
WHERE FIELD_NAME LIKE '[*]'
The square brackets indicate that it's a literal asterisk to match, and not a wildcard.
* is not a wildcard in sql server like. So you can use:
SELECT *
FROM TABLE_NAME
WHERE FIELD_NAME LIKE '%*%' ;
If you want to search for actual wildcard %, you can change the wilcard to something else say &
SELECT *
FROM TABLE_NAME
WHERE FIELD_NAME LIKE '&%&' ESCAPE '&';

LIKE contains %

I have record in table like 'abc 100% text'.
I want to search all the records that contain 100%.
What will be LIKE query?
SELECT * FROM TABLE where ColName LIKE '100%%'
above query returns wrong results.
Thanks.
SELECT * FROM TABLE where ColName LIKE '%100[%]%'
Have a look at Using Wildcard Characters As Literals
You can use the wildcard pattern matching characters as literal characters. To use a wildcard character as a literal character, enclose the wildcard character in brackets.
SELECT columns FROM table WHERE column LIKE '%[%]%'
or
SELECT columns FROM table WHERE column LIKE '%\%%' ESCAPE '\'
as described in http://web.archive.org/web/20150519072547/http://sqlserver2000.databases.aspfaq.com:80/how-do-i-search-for-special-characters-e-g-in-sql-server.html
Additionally, you can use escape charaters...
LIKE '%100^%%' ESCAPE '^'
http://web.archive.org/web/20150519072547/http://sqlserver2000.databases.aspfaq.com:80/how-do-i-search-for-special-characters-e-g-in-sql-server.html
Use a backslash to escape:
SELECT * FROM TABLE where ColName LIKE '%100\%%';
You may need to try this:
SELECT * FROM TABLE where ColName LIKE '%100\%%' ESCAPE '\';

How do I search for names with apostrophe in SQL Server?

SELECT *
FROM Header
WHERE (userID LIKE [%'%])
Double them to escape;
SELECT *
FROM Header
WHERE userID LIKE '%''%'
SELECT *
FROM Header WHERE (userID LIKE '%''%')
SELECT * FROM Header WHERE userID LIKE '%' + CHAR(39) + '%'
SELECT * FROM TableName WHERE CHARINDEX('''',ColumnName) > 0
When you have column with large amount of nvarchar data and millions of records, general 'LIKE' kind of search using percentage symbol will degrade the performance of the SQL operation.
While CHARINDEX inbuilt TSQL function is much more faster and there won't be any performance loss.
Reference SO post for comparative view.
That's:
SELECT * FROM Header
WHERE (userID LIKE '%''%')
select * from Header where userID like '%''%'
Hope this helps.
First of all my Search query value is from a user's input.
I have tried all the answers on this one and all the results Google have given me, 90% of the answers says put '%''%' and the other 10% says a more complicated answers.
For some reason all of those did not work for me.
How ever I remembered that in MySQL (phpmyadmin) there is this built in search function so I tried it just to see how MySQL handles a search with an apostrophe, turns out MySQL just escaping apostrophe with a backslash LIKE '%\'%'
so why just I replace apostrophe with a \' in every user's query.
This is what I come up with:
if(!empty($user_search)) {
$r_user_search = str_ireplace("'","\'","$user_search");
$find_it = "SELECT * FROM table WHERE column LIKE '%$r_user_search%'";
$results = $pdo->prepare($find_it);
$results->execute();
This solves my problem.
Also please correct me if this is still has security issues.
Brackets are used around identifiers, so your code will look for the field %'% in the Header table. You want to use a string insteaed. To put an apostrophe in a string literal you use double apostrophes.
SELECT *
FROM Header WHERE userID LIKE '%''%'
Compare Names containing apostrophe in DB through Java code
String sql="select lastname from employee where FirstName like '%"+firstName.trim().toLowerCase().replaceAll("'", "''")+"%'"
statement = conn.createStatement();
rs=statement.executeQuery(Sql);
iterate the results.

Oracle -- finding values with leading or trailing spaces

I am trying to find if a certain column requires TRIM function on it.
How can I find out if this column in a table has records that have white space either before or after the actual data.
You can check it using the TRIM function itself, not the most efficient but accurate:
Select *
From TableA
Where MyColumn <> TRIM(MyColumn)
Though if you're checking then turning around to trim anyway, you probably want to just do it in the first place, like this:
Select TRIM(MyColumn) as TrimmedMyColumn
From TableA
A quick and dirty way
WHERE LENGTH(TRIM(COL1)) <> LENGTH(COL1)
So why can't you use the following to find the leading spaces? I've been able to identify the records with leading spaces this way and using '% ' to find the trailing spaces.
SELECT mycolumn
FROM my_table
WHERE mycolumn LIKE ' %'
I've also used the following to remove both the leading and trailing spaces
Update My_table set Mycolumn = TRIM(Mycolumn)
which seems to work just fine.
You could use regular expressions in Oracle.
Example:
select * from your_table
where regexp_like(your_column, '^[ ]+.*')
or regexp_like(your_column, '.*[ ]+$')
select data1, length(data1)-length(replace(data1,' ','')) from t;
Following query will retrieve rows when one of Table fields T$DSCA has trailing spaces at the end:
SELECT * from TABLE_NAME A WHERE RAWTOHEX(SUBSTR(A.T$DSCA, LENGTH(T$DSCA),1)) ='A0' AND TRIM(T$DSCA) is not null;