syntax

Hi,
Can someone point me to a resource to learn about syntax like this:
"%#{search}%" I understand everything but the two percent signs. I
tried googling but various searches on curly braces and percent signs
brought no luck, and of course we can't search using literal % and
{. (As I writ this I wonder if google will do something to strip
them out and this post will look completely ridiculous!
Thanks.

If you've seen "%#{variable}%", in a find statement, that's a SQL
fragment and the percent signs work very much like a * sign in a bash
(or cmd) shell. Search for "LIKE Operator" on this page:

http://www.firstsql.com/tutor2.htm

-J.

Umm, is that the whole syntax?

Or is it, <% #{search} %> ?
In which case the <% %> means that it is embedded ruby code. Found in
.rhtml files. Which means the code #{search} is evaluated and the
value is rendered by the DOM as html.

Now <% %> won't output anything, just be evaluated.

You need the equal sign, <%= %> to output to the viewport.

So in an .rhtml file, <%= #{search} %> will evaluate the search and
return it as a string and output the value to the html to be rendered
in the viewport.

If you need to know what #{search} does, that is ruby code. So
learning some ruby code may help you.

HTH,
Anita.

Yes, this also applies . The "#{variable}" syntax is Ruby's string
interpolation of a variable. It would be like print "$variable" in
Perl. -J.

Hi,
Can someone point me to a resource to learn about syntax like this:
"%#{search}%" I understand everything but the two percent signs. I
tried googling but various searches on curly braces and percent signs
brought no luck, and of course we can't search using literal % and
{. (As I writ this I wonder if google will do something to strip
them out and this post will look completely ridiculous!
Thanks.

I'm going to hazard a guess that the entire line looks something like this:

search = params[:query]
MyModel.find(:all, :conditions => "title LIKE %#{search}%")

? If so, the #{} is a ruby construct that interpolates what's inside it for double quoted strings. The %'s on either end is SQL's wildcard.

If you do see that string above as-is, change it since the above doesn't escape the input.
Change it to at least this:

MyModel.find(:all, :conditions => ["title LIKE ?", "%{#search}%"])

-philip

Thank you for the replies Anita and philip,
I was just in the process of writing a reply to Anita with a more
complete example when philips reply came through.
It is the SQL wildcard.
  # models/product.rb
  def self.search(search, page)
      paginate :per_page => 5, :page => page,
           :conditions => ['name like ?', "%#{search}%"], :order =>
'name'
  end

The two %'s straddling the Ruby construct inside the double quotes
made me think it was some Ruby or Rails syntax. BTW I tried googling
around sql but again it is difficult to search around punctuation and
symbols.
Thanks for your time.
Scott.