You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
this errors when I ask for any string with quotation mark.
EXAMPLE
publications/s.+zheng/CONCAT('whs(', ')SQLi')/
File "/data/www/venv/local/lib/python2.7/site-packages/django/db/backends/utils.py", line 64, in execute
return self.cursor.execute(sql, params)
ProgrammingError: syntax error at or near "whs"
LINE 1: ...s_publication.authors) LIKE lower('%zheng/CONCAT('whs(',')SQ...
and this is very bad.
next error found few lines later:
publications/d.+agard/+ADw-whscheck+AD4-/
File "/data/www/venv/local/lib/python2.7/site-packages/publications/views/person.py", line 23, in person
author = author[:off] + author[off].upper() + author[off + 1:]
IndexError: string index out of range
from what I see in code you support few special chars, but most is ignored.
from what I see on DB with around 4k of publications, theres a lot more 'special characters' in database than you support:
char | count of this char through all rows in author field.
è | 1
<U+00AD> | 1
ě | 1
4 | 1
ć | 1
ı | 1
’ | 1
à | 1
ï | 1
ý | 1
ã | 1
ň | 1
( | 2
ú | 2
́ | 2
1 | 2
0 | 3
ä | 3
č | 4
ñ | 4
| 4
ř | 4
š | 6
é | 9
& | 10
í | 10
ö | 11
ü | 13
' | 14
ó | 17
á | 29
I have no good solution here. I thought of using slugify from django.utils.text here as its safest way, but it would need to be another column in table or annotate (this will be slow) and could will mess up guys with similar surnames. Discussion Open:
code used to get characters inside a field postgre:
WITH RECURSIVE itemChars(aChar, remain) AS (
SELECT LEFT(lower(authors),1), RIGHT(lower(authors), LENGTH(authors)-1)
FROM publications_publication WHERE LENGTH(authors)>0
UNION ALL
SELECT LEFT(remain,1), RIGHT(remain, LENGTH(remain)-1) FROM itemChars
WHERE LENGTH(remain)>0
)
SELECT aChar, COUNT(*) as amount FROM itemChars
GROUP BY aChar ORDER BY amount;
code triggered when you search by author:
https://github.com/lucastheis/django-publications/blob/develop/publications/views/author.py#L32
this errors when I ask for any string with quotation mark.
EXAMPLE
publications/s.+zheng/CONCAT('whs(', ')SQLi')/
and this is very bad.
next error found few lines later:
publications/d.+agard/+ADw-whscheck+AD4-/
from what I see in code you support few special chars, but most is ignored.
from what I see on DB with around 4k of publications, theres a lot more 'special characters' in database than you support:
I have no good solution here. I thought of using slugify from django.utils.text here as its safest way, but it would need to be another column in table or annotate (this will be slow) and could will mess up guys with similar surnames. Discussion Open:
code used to get characters inside a field postgre:
Django 1.8.17
django-publications 0.6.2/0.6.3/develop
The text was updated successfully, but these errors were encountered: