[Flask] Problem with sqlite3 LIKE clause
madtom1999 at googlemail.com
Tue Jan 10 13:10:51 EST 2017
Thanks Anthony! A good 'Doh' moment there. Spent so much time trying to
get the parameter substitution bent to my will it looks like I was even
trying to throw 'C' at it in the end!
On 10/01/17 16:30, Anthony Ford wrote:
> I think the issue is it's not seeing the % as the wildcard. If you add
> the wildcard chars to the search string before you supply it to
> execute, it works.
> There's a few Stack Overflow questions on this same topic:
> searchstring = '%'+request.form['searchstr']+'%'
> cur = g.db.execute('select * from entries where description like
> (?) order by id desc',(searchstring,))
> The only change is adding the '%' surrounding your search string.
> Anthony Ford,
> ford.anthonyj at gmail.com <mailto:ford.anthonyj at gmail.com>
> On Tue, Jan 10, 2017 at 5:37 AM, Tom via Flask <flask at python.org
> <mailto:flask at python.org>> wrote:
> I'm trying to modify the flaskr tutorial to make a full blown wiki
> using ckeditor and its mostly working ok - bar the search.
> There is a field 'description' which is meant to contain words and
> phrases for searching.
> I wish to search a text field in the database but cannot get
> anything other than the following to parse:
> cur = g.db.execute('select * from entries where description
> like (?) order by id desc',(searchstring,))
> any attempts to add %'s etc seem lead to failure. I can build the
> sql string myself but would like to make it safe.
> Any ideas how to do this?
> Flask mailing list
> Flask at python.org <mailto:Flask at python.org>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Flask