Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-06-28 15:42:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Review of #4202, Rolled out to other searches, added testing

Browse Source
This commit is contained in:
Dan Brown 2023-04-27 16:33:24 +01:00
parent 78fecdfcb0
commit 23c35af9ef
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
2 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/Search/SearchRunner.php
View File

@ -173,6 +173,7 @@ class SearchRunner
// Handle exact term matching
foreach ($searchOpts->exacts as $inputTerm) {
$entityQuery->where(function (EloquentBuilder $query) use ($inputTerm, $entityModelInstance) {
$inputTerm = str_replace('\\', '\\\\', $inputTerm);
$query->where('name', 'like', '%' . $inputTerm . '%')
->orWhere($entityModelInstance->textField, 'like', '%' . $inputTerm . '%');
});
@ -218,7 +219,7 @@ class SearchRunner
$subQuery->where('entity_type', '=', $entity->getMorphClass());
$subQuery->where(function (Builder $query) use ($terms) {
foreach ($terms as $inputTerm) {
$inputTerm = (strpos($inputTerm, "\\") !== false) ? str_replace("\\", "\\\\", $inputTerm) : $inputTerm;
$inputTerm = str_replace('\\', '\\\\', $inputTerm);
$query->orWhere('term', 'like', $inputTerm . '%');
}
});
@ -355,6 +356,9 @@ class SearchRunner
$tagValue = (float) trim($connection->getPdo()->quote($tagValue), "'");
$query->whereRaw("value {$tagOperator} {$tagValue}");
} else {
if ($tagOperator === 'like') {
$tagValue = str_replace('\\', '\\\\', $tagValue);
}
$query->where('value', $tagOperator, $tagValue);
}
} else {

20
tests/Entity/EntitySearchTest.php
View File

@ -444,6 +444,26 @@ class EntitySearchTest extends TestCase
$search->assertSee($page->getUrl(), false);
}
public function test_backslashes_can_be_searched_upon()
{
$page = $this->entities->newPage(['name' => 'TermA', 'html' => '
<p>More info is at the path \\\\cat\\dog\\badger</p>
']);
$page->tags()->save(new Tag(['name' => '\\Category', 'value' => '\\animals\\fluffy']));
$search = $this->asEditor()->get('/search?term=' . urlencode('\\\\cat\\dog'));
$search->assertSee($page->getUrl(), false);
$search = $this->asEditor()->get('/search?term=' . urlencode('"\\dog\\"'));
$search->assertSee($page->getUrl(), false);
$search = $this->asEditor()->get('/search?term=' . urlencode('"\\badger\\"'));
$search->assertDontSee($page->getUrl(), false);
$search = $this->asEditor()->get('/search?term=' . urlencode('[\\Categorylike%\\fluffy]'));
$search->assertSee($page->getUrl(), false);
}
public function test_searches_with_user_filters_adds_them_into_advanced_search_form()
{
$resp = $this->asEditor()->get('/search?term=' . urlencode('test {updated_by:dan} {created_by:dan}'));