timothy2l Posted July 6, 2003 Posted July 6, 2003 Search Engine I am working on a search engine for an Online Advising application. The search is set up to either bring up a course code or course name depending on what the user enters in the text box. The problem is that if a user only enters one or two letters, the search may bring up data where the string they entered appears in the middle of a word instead of the beginning. dtvwCourses.RowFilter = "course_code LIKE '*" + search_str + "*' OR course_name LIKE '*" + search_str + "*'"; can someone take a look at the code and see if they see any errors or possible improvements? Thanks in advance Quote
*Experts* Nerseus Posted July 7, 2003 *Experts* Posted July 7, 2003 If the search string is: Bob's Diner OR '; DELETE TABLE Table1 -- You might run into problems... Make sure you double up your single quotes or you will get unexpected results and maybe worse. Use something like: dtvwCourses.RowFilter = "course_code LIKE '*" + search_str.Replace("'", "''") + "*' OR course_name LIKE '*" + search_str.Replace("'", "''") + "*'"; Of course, I should mention that the above code (your original search) is extremely inefficient. Normally having one search that uses * on both sides is bad, but to have two of them with an OR is just... so slow. If you get any more than a few hundred records you'll be having to change some code I'd imagine. -nerseus Quote "I want to stand as close to the edge as I can without going over. Out on the edge you see all the kinds of things you can't see from the center." - Kurt Vonnegut
begin_with_A Posted July 17, 2003 Posted July 17, 2003 Thanks Nerseus, ... that helped me too... -A http://www.autojobapply.com/ [send your resume to thousands of job-openings within minutes! Automate your job hunt!] Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.