Passing multiple word phrase from C# (ASP.NET MVC 4) to SQL Server Stored Procedure text search -
i want able take content web page text box , pass sql server stored proc perform search on full-text catalog.
in c#, using sql command object setup parameters needed call on stored procedure: 1 of parameters contains query text:
public list<searchitems> mysearchfunction(string query.....) { blah//.... sqlparameter paramqry = new sqlparameter(); paramqry.parametername = "@qry"; paramqry.sqldbtype = sqldbtype.nvarchar; paramqry.direction = parameterdirection.input; paramqry.value = query; cmd.parameters.add(paramqry); ...... } on sql side of things, stored proc use query text as:
select requiredcolumns tablename contains((ourtablefield), @qry)..... this fine simple (one-word) search terms. how convert/pass multi-word or phrases in c# work in sql?
for example, if user enters "barack obama" in text field, want setup @qry value passed sp in query:
where contains((ourtablefield),'"barack" , "obama"') do need sort of string construction in c#? have tried trying insert , and quote literals, issue of escaping single , double quotes tripping me up, , concerned not sensible or safe way continue trying.
i have been trying build in c# using stringbuilder object, along lines of:
list<string> queryparts = query.split(' ').tolist(); string queryval = string.empty; if (queryparts != null & queryparts.count > 0) { stringbuilder sb = new stringbuilder(); sb.append("'"); foreach (string searchpart in queryparts) { sb.append("\"" + searchpart + "\"" + "and"); } //bit hacky, removing trailing , sb.append("'"); sb.replace("and'", string.empty); sb.append("'"); queryval = sb.tostring(); return queryval assign paramqry.value = queryval; however results in escaping - slashes etc. being returned. sure not case of visual studio rendering these characters in debugger -the exception comes sqlexception.
i have seen similar posts mentioned parameter object can handle escaping, cannot see how works or find clear examples may help.
if not feasible, mean doing sort of string manipulation in sql?
this type of solution new me, tia advice offered.
you can use stringbuilder construct sentence adding , every empty space, , build sentence out of content of textbox
Comments
Post a Comment