tags:

views:

180

answers:

2
Q: 

Full-search text query

I want to add simple full-search-text to my webapp, that can accept multiple words to search.
Example search entry: "Online SQL books"

Should I transform it to: 

WHERE (CONTAINS(myColumn,  '"Online*" and "sql*" and "books*"' ))  
or : WHERE (CONTAINS(myColumn,  '"Online* sql* books*"' ))  
or maybe: WHERE (CONTAINS(myColumn,  '"Online*"' ))  and (CONTAINS(myColumn,  '"SQL*"' ))  and (CONTAINS(myColumn,  '"books*"' ))

or maybe it's better to use 'FORMSOF(INFLECTIONAL('...

Another question where it's better to construct the query, inside store procedure on inside my business object and then pass it to the stored procedure?

A: 

The first form is well (CONTAINS(myColumn, '"Online*" and "sql*" and "books*"' )) - sql anyway spent time to parse query.

Second question is matter of convenience. If you well with string manipulation in sql2005, then do it. But remember on sql-injection problem, so check twice.

Dewfy  2009-08-14 11:58:34
yes sql-injection is important, so what will be safer and faster?
markiz  2009-08-14 12:06:49
I think it's best to construct it inside your business object if instead of your stored procedure since you will create additional overhead creating variables and concatenating values etc inside your stored proc (and just generally is not a good practice). Just make sure you sanatize the sql string to avoid sql injection as Dewfy stated.
Mr. Smith  2009-08-14 12:18:10
markiz  2009-08-14 12:40:19
You can start by checking that the string you're passing doesn't contain the ' character, or at least escape it. If you don't you could end-up with someone dropping your entire database depending on security.
Mr. Smith  2009-08-14 12:53:58
@Benjamin, Is this enough: content = Regex.Replace(content, "[^A-Za-z0-9 ]", "").Trim(); ?
markiz  2009-08-14 13:04:50
@markiz not agree the (")-quote is important part of FTS queries, so include it also and check that always has pair
Dewfy  2009-08-14 14:23:47
@Dewfy, I add the (") to string AFTER I do regex replace, first i clear string from none-standard chars and then i weap every word in string with "" and * at the end.
markiz  2009-08-15 07:52:01
A: 

The problem with using SQL for full text search is that it can be both very slow and misses searches that you would otherwise want it to succeed on. SQL searching also does not provide any form of ranking to the data so any text containing the terms could end up near the top.

To counter these two problems Lucene.net was created to allow the simple creation of an appropriate word to entries index. In doing so it can also see how frequently words are used within particular entries and provide ranking information. You will find it dramatically outperforms using SQL for the task, both in terms of finding results and execution speed on single searches and especially when scaling to support more searches.

Paul Keeble  2009-08-14 13:44:45

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?