Database Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

How to handle invalid use of query operators in CONTAINS?

984246Feb 22 2013 — edited Feb 22 2013

I am using the 11gR2, XE version of Oracle's DB. I have set up the text index with WORLD_LEXER.

I'm having troubles with CONTAINS' input, when it contains (invalid) query operators.
If I make a mistake in the query, e.g. "hello & | | hi", the server will crash because Oracle won't be able to parse the query.
What is the recommended way (SQL-injection-proof and handles unparsable input) to generate the query for the CONTAINS procedure?

I was using curly brackets until now, but those will escape the query operators. Note that I don't have problem escaping the whole query, if it's invalid, but how would I go about detecting that?

This post has been answered by Roger Ford-Oracle on Feb 22 2013

Jump to Answer

Locked Post

New comments cannot be posted to this locked post.

Locked on Mar 22 2013

Added on Feb 22 2013

#11g, #database-key-features, #text, #xe

4 comments

863 views