I need to write a SQL function that will allow me to strip an email address to the bare domain name. EX: I would make JoeSchmoe#mail.google.com read as JoeSchmoe#google.com. This is most likely very simple but, I cannot seem to find any information on it.
If you are using Oracle:
select substr('test#test.com',instr('test#test.com','#')+1,length('test#test.com')) as domain from dual;
You might want to try creating a CLR SQL function and use regex from your .net library to parse the string. From the looks of it you may have to parse the ccTLD if it exists and then parse the generic TLD/domain name.
Related
Is there any other way to replace multiple strings in sql server 2008r2? which is also fast?
My query is below.
Select REPLACE(REPLACE(EmailText,'#{Name}#',UV.Name),'#{organisation}#',CV.Organisation)
I am written it with example also
Select REPLACE(REPLACE('Hi #{Name}# from #{organisation}#','#{Name}#','Jhon'),'#{organisation}#','Cocacola')
There are all sorts of ways:
A CLR function equivalent to string.Format in C#
String.Format like functionality in T-SQL?
But 'best' as in 'fastest' is probably going to be using REPLACE Repeatedly, as all the attempts in these links have some limitation..
I'm looking for a way to create a query through a winform application to query an Oracle database but ignoring the case of the data. Is this possible to do without having to modify anything in Oracle itself?
You could simply upper- or lowercase all:
SELECT Columns From Table WHERE UPPER(ColName) = :UpperValue
Then use ToUpper on the value:
yourOracleCommand.Parameters.AddWithValue("UpperValue", value.ToUpper())
This I am sure is a fairly simple question. Clients are entering data into a column that looks like this 600/4768/4. I need to be able to remove the / once the data has been entered. How would I do this?
It is usually entered in this format as it is being referenced from another source in this pattern.
You could do it either in program before data is submitted, or in sql. Exactly how depends on what you're programming with, an what database you're using.
in MySql you can do this: replace('00/4768/4', '/', ''); Most any rdbms will have a similar function.
http://dev.mysql.com/doc/refman/5.6/en/string-functions.html#function_replace
I usually find it's easier to do this kind of thing in the program than in sql though.
Using SQL SERVER you can try REPLACE (Transact-SQL)
Replaces all occurrences of a specified string value with another
string value.
Usage:
SELECT REPLACE('abcdefghicde','cde','xxx');
You can use REPLACE function in your SQL query:
replace( string1, string_to_replace, [ replacement_string ] )
select REPLACE('600/4768/4','/','')
While user enters the data take it and then replace the "/" and then store in the table
While inserting client data in to column you can use the REPLACE function, I believe, you are using SQLServer. Below is the example how you can use replace.
REPLACE('600/4768/4','/','');
USe REPLACE if you want to update in SQL
like
REPLACE(<column_Name>,'/',' ')
whole query will look like
Update <table_name>
set <column_Name> = REPLACE(<column_Name>,'/','')
hope this helps
The website i worked was recently attempted to be hacked by the following SQL injection script
boys' and 3=8 union
select 1,
concat(0x232425,ifnull(`table_name`,0x30),char(9),ifnull(`table_rows`,0x30), char(9),0x252423),
3,4,5,6,7,8,9
from `information_schema`.`tables`
where table_schema=0x62646B3032 limit 44,1 -- And '8'='8
This injection returned the mysql table name. This was reported by the error reporting system on that website and we managed to fix that part however I am not able to understand what does the above injection mean?
Anyone can explain this?
Penuel
They're using a select from the Information Schema views in mysql server :
http://dev.mysql.com/doc/refman/5.0/en/information-schema.html
They use some clever hacks to rout out simple sql injection prevention techniques.
According to this the MySQL concat()
Returns the string that results from
concatenating the arguments. May have
one or more arguments. If all
arguments are nonbinary strings, the
result is a nonbinary string. If the
arguments include any binary strings,
the result is a binary string. A
numeric argument is converted to its
equivalent binary string form
So 0x232425 is converted to #$% which is simply added to the begining and end of the table_name field. Maybe just to make it easier for them to pull out the Table names later using Regex.
Later on the char(9) is equivalent to a tab as you can see here and is just there to format the output nicer.
The 3,4,5,6,7,8,9 is just there so that the columns match the boys table that they are performing the Union on.
This injection returned the mysql table name.
Do you mean that your website displayed the table name when you gave it this input, or that the query returns that when run from the mysql client? If it showed on your website, then the attacker has the ability to inject much more harmful queries. Check your data.
I am trying to execute a pretty-sophisticated query on a string field in the database. I am not very experienced at JPQL, so I thought I would try to get some help.
I have a field in the database called FILE_PATH. Within the FILE_PATH field, there will be values such as:
'C:\temp\files\filename.txt'
'file:\\\C:\testing\testfolder\innerfolder\filename2.txt'
I need to be able to do a search from a user-given query on the file name only. So, instead of simply doing a SELECT Table FROM Table AS t WHERE t.filePath LIKE '%:query%', things will have to get a bit more complicated to accomodate for just the filename portion of the path. The file path and file name are dynamic data, so I can't just hard-code a prefix string in there. This has me pretty confused, but I know there are some string expressions in JPQL that might be able to handle this requirement.
Basically, I just need to return all rows that match the given query on whatever comes after the last '\' in the FILE_PATH field. Is this possible?
Thanks for the help.
EDIT: Database that is being used is SQL Server.
Probably the best solution is to add a separate column that contains just the file name. If you can't, then this might work (depending on the database you use):
drop table test;
create table test(name varchar(255));
insert into test values('C:\temp\name2\filename.txt');
insert into test values('file:\\\C:\\innerfolder\filename2.txt');
select * from test
where substring(name, locate('\', name, -1)) like '%name2%'
This is pure SQL, but as far as I understand all the functions are supported within JPQL: http://www.datanucleus.org/products/accessplatform/jpa/jpql_functions.html
One problem is the locate(,,-1). It means 'start from the end of the string'. It works for the H2 database, but not MySQL and Apache Derby. It might work for Oracle, SQL Server (I didn't test it). For some databases may need to replace '\' with '\\' (MySQL, PostgreSQL; not sure if Hibernate does that for you).
Final WHERE Clause:
LOWER(SUBSTRING(fs.filePath, LENGTH(fs.filePath) - (LOCATE('\\', REVERSE(fs.filePath)) - 2), (LOCATE('\\', REVERSE(fs.filePath)) - 1))) LIKE '%:query%'
NOTE: For performance, you might want to save the location of the slash.
Thanks to Thomas Mueller for the assistance.