? in Doctrine query means? - doctrine

i wonder what this query means:
$blogPost = Doctrine_Query::create()->from('BlogPost p')->where('p.slug = ?', 'doctrine-released')->execute();
could someone explain the ? for me?
thanks

I am guessing, but I would bet money that the ? is just a way of saying 'there is a variable here and I will later populate it', just like normal binding in other SQL varieties. In your example, that would imply that the ? is expanded to 'doctrine-released' at execute time. In other words, the query becomes where p.slug = 'doctrine-released'

If there is a variable as the parameter then the '?' is used other wise '?' is not needed.
For example:
$blogPost = Doctrine_Query::create()->from('BlogPost p')->where('p.slug = ?', $doctrine-released)->execute();
and in case of a string as a param
$blogPost = Doctrine_Query::create()->from('BlogPost p')->where('p.slug' = 'doctrine-released')->execute();

Related

Marklogic how to construct a cts query

I have a Oracle query and would like to transform into Marklogic cts query. It looks like Marklogic CTS doesn't allow to have "and-query" inside of "and-query". I am not sure how Marklogic works. Thanks in advance.
Where clause query:
where (collection = "TRBA" AND fulltext = 1
AND (dnta = "Briefing" OR dnta = "Conference" OR snta = "Workshop"
OR snta = "Published in" AND (snta = "this article" OR dnta = "Journal")
)
AND (cand IN ("Research","Development Center") OR scn IN("424778","98814","393825"))
Translate into Marklogic:
let $uris:= cts:uris(
(),
(),
cts:and-query((
cts:collection-query("/dbs/"TRBA"),
cts:element-value-query(xs:QName("meta:FullTextExists"),"1"),
cts:field-word-query("dnta",("briefing","conference")),
cts:or-query((
cts:element-word-query(xs:QName("meta:snta"),("this article")),
cts:field-word-query("dnta",("Journal")),
cts:and-query((
cts:or-query((
cts:field-word-query("cand", ("Research","Development Center"))
cts:field-word-query("scn",("424778","98814","393825"))
))
))(:inside and-query:)
))(:or-query:)
))(:outside and-query:)
return fn:doc($uris)
There are basic syntax errors in your code above: missing parens, extra double quotes
I don't think you want word query as the translation for "="; word query just says that word appears somewhere in the field in question; I would think that would be a value query instead.
You might want to take a look at cts:parse which takes a string with ANDs and ORs etc. plus bindings for fields and parses a query string into a cts:query
That said, if you assume the AND mixed in with the ORs binds to the closest clause, i.e. as parenthesized so:
(collection = "TRBA" AND
fulltext = 1 AND
(dnta = "Briefing" OR
dnta = "Conference" OR
snta = "Workshop" OR
(snta = "Published in" AND (snta = "this article" OR dnta = "Journal"))
) AND
(cand IN ("Research","Development Center") OR
scn IN ("424778","98814","393825"))
then I would translate this something like this:
cts:and-query((
cts:collection-query("/dbs/TRBA"),
cts:element-value-query(xs:QName("meta:FullTextExists"),"1"),
cts:or-query((
cts:field-value-query("dnta",("Briefing","Conference")),
cts:field-value-query("snta","Workshop"),
cts:and-query((
cts:field-value-query("snta","Published in"),
cts:or-query((
cts:field-value-query("snta","this article"),
cts:field-value-query("dnta","Journal")
))
))
)),
cts:or-query((
cts:field-value-query("cand",("Research","Development Center")),
cts:field-value-query("scn",("424778","98814","392825"))
))
))
It is a pretty direct mapping.
You simply have several typos in your code. There's an extra double quote in the collection-query and you're missing a comma between items in the last or-query.
Once fixing those the code will run. But a pro tip: don't ever fetch URIs only to fetch documents. You're wasting effort. Just fetch the documents directly with a search passing the query.
let $q := cts:and-query((...))
return cts:search(doc(), $q)[1 to 10]
You probably want to add a limit like [1 to 10] as well unless you really intend to return the full result set.

Doctrine 1 allowing SQL Injection?

I found this code on a legacy app:
$salt = $this->generateSalt();
$new_pass_update = Doctrine_Query::create()
->update('User')
->set('password', '"'. $this->hash($newPass, $salt) .'"')
->set('salt', "sleep(10)") // $salt) <- I replaced this
->where('email = ?', array($mail))
->getDql();
die($new_pass_update);
I was shocked to see this Dql generated as output:
UPDATE User SET password = "3dbe00a167653a1aaee01d93e77e730e"
salt = sleep(10) WHERE email = ?
First of all, I didn't expect to see the quotation marks around the password value. I thougt that Doctrine would do that for me, so I tried the second argument without them, but I was shocked to see this Dql generated as output:
UPDATE User SET password = "3dbe00a167653a1aaee01d93e77e730e"
salt = sleep(10) WHERE email = ?
If I change ->getDql() for -> execute() that's exactly the query that is executed and the db sleeps for 10 seconds.
Why is doctrine behaving like this?
As Gumbo pointed out, the right API to use with Doctrine 1.* update syntax is:
$new_pass_update = Doctrine_Query::create()
->update('User')
->set('password', "?", $this->hash($newPass, $salt))
->set('salt', "?", $salt)
->where('email = ?', array($mail))
->execute();
so, the second argument should be "?" and the third one, the associated value.

why is this not possible in doctrine

I have to do some queries, while i was trying different ways, i found out that the next lines are not "recognized" by doctrine (it gives errors):
for example, when i want to compare if some data in the db is equal to a literal, here the condition:
('u.gender = M')
this is how my table look like:
id gender
1 M
2 M
3 F
it throws a semantical error. Also when comparing dates that way.
I would like to know why this is not recognized by doctrine, while comparing directly with numbers is accepted:
condition: ('u.age = 15')
First option you can do this way-
$M = 'M';
$age = 15;
$query = $this->createQueryBuilder('t')
->where('u.gender = :M AND u.age = :age')
->setParameters(array('M'=> $M,'age'=>$age);
another way to do this-
$query = $this->createQueryBuilder("t")
->where("u.gender = 'M' AND u.age = 15");
So i guess the answer to my question would be that it was not working because doctrine didn't recognize M as a string. That is why it was necessary to use inverted commas like #Mehedi said.
Another way of solving this was to use the query builder:
$v = 'M';
$condition = $this->qb->expr()->eq('u.gender', $this->qb->expr()->literal($v));
but i guess that is just long and hard to read. So the shortest thing would be just:
$condition = ("u.gender = 'M'");

How to make Case-In-Sensitive with Linq

EDIT:
Also like to know:
what if; if i have a data that is not upper case? or have mixed of upper or lower case? how you will handle this?
i am trying to query my resultset
IQueryable<CategoryObject> filteredCategories = _catRepo.GetAllEmployees();
filteredCategories = filteredCategories.Where(c=> c.CategoryName.Contains("Blocks"));
However, i don't get any result becuase the CategoryName is For(Upper Case) in the database. I have no idea how to use contains to filter case insensitive string? I want basically if someone type like;
filteredCategories = filteredCategories.Where(c=> c.CategoryName.Contains("Blocks"));
OR
filteredCategories = filteredCategories.Where(c=> c.CategoryName.Contains("blocks"));
OR
filteredCategories = filteredCategories.Where(c=> c.CategoryName.Contains("blocKS"));
The result should be the same
Try
filteredCategories = categoriesList.Where(c=> c.CategoryName.ToUpper().Contains("BLOCKS"));
That'll remove any case issues.
You can also try:
filteredCategories = categoriesList.Where(c=> c.CategoryName.IndexOf("blocks", StringComparison.OrdinalIgnoreCase) != -1);
First way, as said before - use ToUpper():
var filterString = "bLoCkS"
filteredCategories = categoriesList.Where(c=> c.CategoryName.ToUpper().Contains(filterString.ToUpper()));
Another way - use Case Insensetive collation (Changing SQL Server collation to case insensitive from case sensitive?) in your database (table, field).

how to implement and, or clauses in sql queries? ruby on rails

I tried looking around but could not find an answer on how to implement the combination of AND, |(or). I am getting an error. The code is listed below:
allgames = GameInfo.Get.where(["list = ? AND (lang = ? OR lang = ?)", "yes", "en", #lang]).order(:order)
The error I am getting is below:
The specified query expression syntax is not valid.
please shed some light,
Regards,
Pipe is not used in sql:
where("list = ? AND (lang = ? OR lang = ?)", "yes", 'en',#lang)

Resources