Hi,
We have an issue for GooleLike Filtering, we have a GoogleLike Filtering when we type special charcters like %,[,],<,> ...etc then the GoogleLike Filtering is not working. I drilled down to deep and found that when we pass normal text to column then the FilterExpression is getting formed as needed and Filtering working as desired, But When we pass and the text with some special characetrs then FilterExpression is not getting formed and the grid filetring is not working.
Thanks,
Sanjeev
We have an issue for GooleLike Filtering, we have a GoogleLike Filtering when we type special charcters like %,[,],<,> ...etc then the GoogleLike Filtering is not working. I drilled down to deep and found that when we pass normal text to column then the FilterExpression is getting formed as needed and Filtering working as desired, But When we pass and the text with some special characetrs then FilterExpression is not getting formed and the grid filetring is not working.
Thanks,
Sanjeev
7 Answers, 1 is accepted
0
Hello Sanjeev,
The reason for the observed behavior is due to RadGrid's escaping the sepcial characters for security reasons. Here is the grid's property responsible for that:
Hence, if you need some of those chars not to be escaped just change the illegal strings array as follows:
Hope this information helps.
Regards,
Tsvetoslav
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
The reason for the observed behavior is due to RadGrid's escaping the sepcial characters for security reasons. Here is the grid's property responsible for that:
public static string[] IllegalStrings { get { if (_illegalStrings == null) { _illegalStrings = new string[] { " LIKE ", " AND ", " OR ", "\"", ">", "<", "<>", " NULL ", " IS " };
} return _illegalStrings; } set { _illegalStrings = value; } }Hence, if you need some of those chars not to be escaped just change the illegal strings array as follows:
protected void Page_Load(object sender, EventArgs e) { GridFilterFunction.IllegalStrings = new string[]{ " LIKE ", " AND ", " OR ", " NULL ", " IS " }; }Hope this information helps.
Regards,
Tsvetoslav
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
0
Sanjeev
Top achievements
Rank 1
Rank 1
answered on 04 May 2010, 02:23 PM
Hi Tsvetoslav,
Thanks for the reply, it's worked for all special characters except %, [, ], and * can you provide some more details on that.
Thanks
Sanjeev
Thanks for the reply, it's worked for all special characters except %, [, ], and * can you provide some more details on that.
Thanks
Sanjeev
0
Hello Sanjeev,
Just set EnableLinqExpressions=true for the grid and those characters will be taken into account as part of the filter value.
Best wishes,
Tsvetoslav
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
Just set EnableLinqExpressions=true for the grid and those characters will be taken into account as part of the filter value.
Best wishes,
Tsvetoslav
the Telerik team
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items.
0
Engin
Top achievements
Rank 1
Rank 1
answered on 27 Oct 2011, 03:26 PM
If you set the EnableLinqExpressions to true , then the single quote is not working . The sample grid application on the Telerik site (http://demos.telerik.com/aspnet-ajax/grid/examples/generalfeatures/filtering/defaultcs.aspx) is also setting this attribute to false so it works with the apostrophe.
In my application, I set it to false and redefine the escape characters as you suggested, and now both the ' and " characters are working on my filter; However, not those special characters. I don't understand why we cannot filter by all these characters and switching the EnableLinqExpressions attribute also switches between the ability to filter by these characters. Isn't there any other way?
In my application, I set it to false and redefine the escape characters as you suggested, and now both the ' and " characters are working on my filter; However, not those special characters. I don't understand why we cannot filter by all these characters and switching the EnableLinqExpressions attribute also switches between the ability to filter by these characters. Isn't there any other way?
0
Hi Engin,
The single quote does work on my side. Could you upgrade to the latest version of the controls and test it? If the problem persists, do give more details on how to reproduce it.
Best wishes,
Tsvetoslav
the Telerik team
The single quote does work on my side. Could you upgrade to the latest version of the controls and test it? If the problem persists, do give more details on how to reproduce it.
Best wishes,
Tsvetoslav
the Telerik team
If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now
0
zAxis
Top achievements
Rank 1
Rank 1
answered on 17 May 2016, 05:47 PM
Maybe I'm just being a bit dense today, but I fail to see how
" AND " is a security risk
while " And " or " and " is not.
Looks more like a poorly thought out rule to me.
0
Hello,
That's a really good point actually. Initially, Transact-SQL keywords consist only of uppercase letters:
https://msdn.microsoft.com/en-us/library/ms177563.aspx
Therefore, this limitation logic may be a legacy code from the first versions of RadGrid. Generally, you can remove these operators from the illegal strings collection:
http://www.telerik.com/forums/radgrid-filter-with-and-and-or#iMR601r2eUqBd4tiWXBrWg
Thank you for bringing this issue to our attention for further consideration. I've updated your Telerik points as a token of gratitude.
Regards,
Eyup
Telerik
That's a really good point actually. Initially, Transact-SQL keywords consist only of uppercase letters:
https://msdn.microsoft.com/en-us/library/ms177563.aspx
Therefore, this limitation logic may be a legacy code from the first versions of RadGrid. Generally, you can remove these operators from the illegal strings collection:
http://www.telerik.com/forums/radgrid-filter-with-and-and-or#iMR601r2eUqBd4tiWXBrWg
Thank you for bringing this issue to our attention for further consideration. I've updated your Telerik points as a token of gratitude.
Regards,
Eyup
Telerik
Do you need help with upgrading your ASP.NET AJAX, WPF or WinForms projects? Check the Telerik API Analyzer and share your thoughts.