Answer the question
In order to leave comments, you need to log in
A
A
Alexander Vishnev2021-12-11 16:15:57
Alexander Vishnev, 2021-12-11 16:15:57
How to escape query to SQLite database?
If you put a symbol in the search string (Edit1), for example ".", then an error appears: "[FireDAC][Phys][SQLite] ERROR: fts5: syntax error near ".""
And also, if you erase all text from Edit1 , then the error: "[FireDAC][Phys][SQLite] ERROR: unknown special query:"
As I understand it, you need to escape the query text, but I don't quite understand how to do it.
procedure TForm1.FormCreate(Sender: TObject);
begin
FDQuery1.SQL.Text:=('CREATE VIRTUAL TABLE vdb USING fts5 ( text )');
FDQuery1.ExecSQL;
FDQuery1.SQL.Text:=('INSERT INTO vmdb VALUES ("Привет. Конь БарМалей, Корова?")');
FDQuery1.ExecSQL;
FDQuery1.SQL.Text:=('INSERT INTO vmdb VALUES ("Привет. Лось Ты лось: БорМалей ")');
FDQuery1.ExecSQL;
FDQuery1.SQL.Text:=('INSERT INTO vmdb VALUES ("Привет Бар ты Лось.")');
FDQuery1.ExecSQL;
end;
procedure TForm1.Edit1Typing(Sender: TObject);
var
mr : string;
begin
FDQuery1.SQL.Text:=('SELECT text FROM vdb WHERE text MATCH "'+Edit1.Text+'*" ORDER BY rank');
FDQuery1.OpenOrExecute;
mr:=(FDQuery1.FieldByName('text ').AsString);
Memo1.Text := mr;
end; 2 answer(s)
@fromdns
A
Alexander Vishnev, 2021-12-12 @fromdns
The problem was solved by deleting unnecessary characters at the stage of text input, before it gets into the request.
procedure TForm1.sEdit2Typing(Sender: TObject);
var
s:string;
begin
S:=sEdit2.Text; // Вводим запрос
S:=StringReplace(s, '~', '', [rfReplaceAll]);
S:=StringReplace(s, '`', '', [rfReplaceAll]);
S:=StringReplace(s, '!', '', [rfReplaceAll]);
S:=StringReplace(s, '@', '', [rfReplaceAll]);
S:=StringReplace(s, '"', '', [rfReplaceAll]);
S:=StringReplace(s, '#', '', [rfReplaceAll]);
S:=StringReplace(s, '№', '', [rfReplaceAll]);
S:=StringReplace(s, ';', '', [rfReplaceAll]);
S:=StringReplace(s, '$', '', [rfReplaceAll]);
S:=StringReplace(s, '%', '', [rfReplaceAll]);
S:=StringReplace(s, '^', '', [rfReplaceAll]);
S:=StringReplace(s, ':', '', [rfReplaceAll]);
S:=StringReplace(s, '?', '', [rfReplaceAll]);
S:=StringReplace(s, '&', '', [rfReplaceAll]);
S:=StringReplace(s, '*', '', [rfReplaceAll]);
S:=StringReplace(s, '(', '', [rfReplaceAll]);
S:=StringReplace(s, ')', '', [rfReplaceAll]);
S:=StringReplace(s, '-', '', [rfReplaceAll]);
S:=StringReplace(s, '_', '', [rfReplaceAll]);
S:=StringReplace(s, '+', '', [rfReplaceAll]);
S:=StringReplace(s, '=', '', [rfReplaceAll]);
S:=StringReplace(s, '[', '', [rfReplaceAll]);
S:=StringReplace(s, ']', '', [rfReplaceAll]);
S:=StringReplace(s, '{', '', [rfReplaceAll]);
S:=StringReplace(s, '}', '', [rfReplaceAll]);
S:=StringReplace(s, '|', '', [rfReplaceAll]);
S:=StringReplace(s, '>', '', [rfReplaceAll]);
S:=StringReplace(s, '<', '', [rfReplaceAll]);
S:=StringReplace(s, ',', '', [rfReplaceAll]);
S:=StringReplace(s, '\', '', [rfReplaceAll]);
S:=StringReplace(s, '/', '', [rfReplaceAll]);
sEdit1.Text:=S; // "Чистый" запрос
end;
procedure TForm1.sEdit2ChangeTracking(Sender: TObject); // procedure TForm1.sEdit1ChangeTracking(Sender: TObject);
var
i : Integer;
mr : string;
empySQL, SQL : string;
rs : string;
begin
ListView1.Items.Clear;
FDQuery2.Close;
FDQuery2.Active:=True;
FDQuery2.SQL.Clear;
SQL := 'SELECT text FROM vdb WHERE text MATCH :search ORDER BY rank';
empySQL := 'SELECT * FROM vdb';
FDQuery2.SQL.Text := SQL;
if
(sEdit1.text='')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or(sEdit1.text=' ')
or (pos('.', sEdit1.Text) > 0)
or (pos(',', sEdit1.Text) > 0)
or (pos('<', sEdit1.Text) > 0)
or (pos('>', sEdit1.Text) > 0)
or (pos('?', sEdit1.Text) > 0)
or (pos(':', sEdit1.Text) > 0)
or (pos(';', sEdit1.Text) > 0)
or (pos('"', sEdit1.Text) > 0)
or (pos('|', sEdit1.Text) > 0)
or (pos('\', sEdit1.Text) > 0)
or (pos('[', sEdit1.Text) > 0)
or (pos(']', sEdit1.Text) > 0)
or (pos('{', sEdit1.Text) > 0)
or (pos('}', sEdit1.Text) > 0)
or (pos('~', sEdit1.Text) > 0)
or (pos('`', sEdit1.Text) > 0)
or (pos('@', sEdit1.Text) > 0)
or (pos('#', sEdit1.Text) > 0)
or (pos('№', sEdit1.Text) > 0)
or (pos('$', sEdit1.Text) > 0)
or (pos('%', sEdit1.Text) > 0)
or (pos('^', sEdit1.Text) > 0)
or (pos('&', sEdit1.Text) > 0)
or (pos('*', sEdit1.Text) > 0)
or (pos('(', sEdit1.Text) > 0)
or (pos(')', sEdit1.Text) > 0)
or (pos('_', sEdit1.Text) > 0)
or (pos('-', sEdit1.Text) > 0)
or (pos('=', sEdit1.Text) > 0)
or (pos('+', sEdit1.Text) > 0)
or (pos('/', sEdit1.Text) > 0)
then
FDQuery2.SQL.Text := empySQL
else
FDQuery2.ParamByName('search').AsString := '^'+sEdit1.Text+'*';
FDQuery2.Open;
Memo1.BeginUpdate;
for i:=0 to FDQuery2.RecordCount -1 do
begin
mr:=(FDQuery2.FieldByName('text').AsString);
Memo1.Text:=mr;
FDQuery2.Next;
end;
Memo1.EndUpdate;
end;
Similar questions
L
S
N
J
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question