How to do a case sensitive search in WHERE clause (I'm using SQL Server)?

Question

I want to do a case sensitive search in my SQL query. But by default, SQL Server does not consider the case of the strings.

Any idea on how to do a case sensitive search in SQL query?

score 256 · Accepted Answer · edited Apr 03 '23 at 17:57

256

Can be done via changing the Collation. By default it is case insensitive.

Excerpt from the link:

SELECT 1
FROM dbo.Customers
WHERE   CustID = @CustID COLLATE SQL_Latin1_General_CP1_CS_AS
AND     OrderID = @OrderID COLLATE SQL_Latin1_General_CP1_CS_AS

Or, change the columns to be case sensitive.

You can also apply COLLATE to LIKE to make it case sensitive - e.g.,

SELECT    *
FROM     tbl_Partners
WHERE    PartnerName COLLATE SQL_Latin1_General_CP1_CS_AS LIKE 'MyEx%' COLLATE SQL_Latin1_General_CP1_CS_AS

edited Apr 03 '23 at 17:57

Jenna Leaf

2,255
21
29

answered Dec 02 '09 at 07:03

Ashish Jain

4,667
6
30
35

3

How to use when we have in instead =. like WHERE CustID in (@CustID) – rinuthomaz Sep 27 '17 at 08:25
Collation works for most cases, but if you've got other language characters in your data, it will return false positives: `/schwarz-weiß` versus: `/schwarz-weiss` – Lazlow Jul 23 '19 at 09:14
2

applies to LIKE clause ? – Kiquenet Jul 09 '21 at 09:37

Jonas Lincoln · Answer 2 · 2009-12-02T07:53:39.393

172

By using collation or casting to binary, like this:

SELECT *
FROM Users
WHERE   
    Username = @Username COLLATE SQL_Latin1_General_CP1_CS_AS
    AND Password = @Password COLLATE SQL_Latin1_General_CP1_CS_AS
    AND Username = @Username 
    AND Password = @Password

The duplication of username/password exists to give the engine the possibility of using indexes. The collation above is a Case Sensitive collation, change to the one you need if necessary.

The second, casting to binary, could be done like this:

SELECT *
FROM Users
WHERE   
    CAST(Username as varbinary(100)) = CAST(@Username as varbinary))
    AND CAST(Password as varbinary(100)) = CAST(@Password as varbinary(100))
    AND Username = @Username 
    AND Password = @Password

edited Dec 02 '09 at 07:53

answered Dec 02 '09 at 07:15

Jonas Lincoln

9,567
9
35
49

14

People reading this question may also find it useful to read how to change the column itself to be case sensitive which eliminates the need for using collation in the WHERE clause. See: http://stackoverflow.com/a/485394/908677 – Elijah Lofgren Oct 29 '15 at 13:00
2

The cast as varbinary method worked for me when used directly on the database, but did not work when sending the same statement from a .NET application -- no idea why. But the collate method worked fine. – Doug Sep 20 '16 at 17:44
1

This answer would be perfect if it included an explanation of where to put the term searched for, i.e. where the phrase similar to a regular `like "*word or phrase*"` SQL search would be inserted. – Canned Man Nov 10 '16 at 12:24
@CannedMan - You can use the above collate solution the same way with the LIKE statement. Simply do the following to return all upper case 'D's. "SELECT * FROM SomeTable WHERE ColumnName like '%D%' COLLATE SQL_Latin1_General_CP1_CS_AS" – Radderz Dec 12 '16 at 12:19
It doesn't work with czech alphabet. Tested word: 'ukázka'. It is in the table as a singe word in a column, but your search didn't find it. – Jan Macháček May 22 '18 at 13:32
Still an issue at: Microsoft SQL Azure (RTM) - 12.0.2000.8 May 12 2022 23:11:24 – Jay Cummins Jul 07 '22 at 14:41

score 15 · Answer 3 · edited Nov 10 '16 at 12:22

15

You can make the query using convert to varbinary – it’s very easy. Example:

Select * from your_table where convert(varbinary, your_column) = convert(varbinary, 'aBcD')

edited Nov 10 '16 at 12:22

Canned Man

734
1
7
26

answered Jun 10 '11 at 18:54

Juan Carlos Velez

2,840
2
34
48

2

It doesn't work with czech alphabet. Tested word: 'ukázka'. It is in the table as a singe word in a column, but your search didn't find it. – Jan Macháček May 22 '18 at 13:30

score 7 · Answer 4 · answered Jul 02 '14 at 08:37

7

USE BINARY_CHECKSUM

SELECT 
FROM Users
WHERE   
    BINARY_CHECKSUM(Username) = BINARY_CHECKSUM(@Username)
    AND BINARY_CHECKSUM(Password) = BINARY_CHECKSUM(@Password)

answered Jul 02 '14 at 08:37

Sandeep

413
4
13

3

Wouldn't this mean, that it's no longer an exact comparison? There might be sometimes that it returns true that they aren't actually the same? – O'Rooney Jul 20 '15 at 02:42
4

I agree @O'Rooney this will on occasion return false positives. – Des Horsley Dec 18 '15 at 03:04

Dub · Answer 5 · 2015-03-23T18:09:07.577

use HASHBYTES

declare @first_value nvarchar(1) = 'a'
declare @second_value navarchar(1) = 'A'

if HASHBYTES('SHA1',@first_value) = HASHBYTES('SHA1',@second_value) begin
    print 'equal'
end else begin
    print 'not equal'
end

-- output:
-- not equal

...in where clause

declare @example table (ValueA nvarchar(1), ValueB nvarchar(1))

insert into @example (ValueA, ValueB)
values  ('a', 'A'),
        ('a', 'a'),
        ('a', 'b')

select  ValueA + ' = ' + ValueB
from    @example
where   hashbytes('SHA1', ValueA) = hashbytes('SHA1', ValueB)

-- output:
-- a = a

select  ValueA + ' <> ' + ValueB
from    @example
where   hashbytes('SHA1', ValueA) <> hashbytes('SHA1', ValueB)

-- output:
-- a <> A
-- a <> b

or to find a value

declare @value_b nvarchar(1) = 'A'

select  ValueB + ' = ' + @value_b
from    @example
where   hashbytes('SHA1', ValueB) = hasbytes('SHA1', @value_b)

-- output:
-- A = A

Sumit Joshi · Answer 6 · 2017-07-24T05:39:42.753

5

In MySQL if You don't want to change the collation and want to perform case sensitive search then just use binary keyword like this:

SELECT * FROM table_name WHERE binary username=@search_parameter and binary password=@search_parameter

edited Jul 24 '17 at 05:39

answered Oct 29 '16 at 10:18

Sumit Joshi

1,047
1
14
23

3

That's not a valid SQL Server query. I think that's MySQL – Jon Tirjan Jul 19 '17 at 14:33
2

Works perfectly on MySQL – W.M. Jul 21 '17 at 12:04
1

this works for me in mysql! Thanks! – Talmacel Marian Silviu Mar 16 '22 at 15:36

score 5 · Answer 7 · answered Mar 23 '17 at 08:42

5

use Latin1_General_CS as your collation in your sql db

answered Mar 23 '17 at 08:42

blake

51
1
1

score 1 · Answer 8 · edited Aug 05 '19 at 15:02

1

select * from incidentsnew1 
where BINARY_CHECKSUM(CloseBy) = BINARY_CHECKSUM(Upper(CloseBy))

edited Aug 05 '19 at 15:02

Guillaume Racicot

39,621
9
77
141

answered Aug 05 '19 at 12:29

Hemant yadav

39
3

score 1 · Answer 9 · answered Feb 22 '22 at 10:23

1

You can do by simply altering column collation as

Alter Table UserMaster 
Alter Column Password varchar(50) COLLATE SQL_Latin1_General_CP1_CS_AS

answered Feb 22 '22 at 10:23

Suneel Kumar

11
1

score 0 · Answer 10 · answered Mar 31 '22 at 13:30

If you are interested in Entity Framework approarch:

var customers = context.Customers
.Where(c => EF.Functions.Collate(c.Name, "SQL_Latin1_General_CP1_CS_AS") == "John")
.ToList();

See: https://learn.microsoft.com/en-us/ef/core/miscellaneous/collations-and-case-sensitivity#explicit-collation-in-a-query

score -6 · Answer 11 · answered Jun 25 '18 at 08:23

-6

Just as others said, you can perform a case sensitive search. Or just change the collation format of a specified column as me. For the User/Password columns in my database I change them to collation through the following command:

ALTER TABLE `UserAuthentication` CHANGE `Password` `Password` VARCHAR(255) CHARACTER SET latin1 COLLATE latin1_general_cs NOT NULL;

answered Jun 25 '18 at 08:23

Gfast2

114
6

Do NOT store passwords as plaintext! They should've been hashed and salted, and then the comparison is on the hash and salt! This is simply a terrible answer! – Nelson Apr 09 '19 at 04:11

How to do a case sensitive search in WHERE clause (I'm using SQL Server)?

11 Answers11

Linked

Related