{
$termString = '';
foreach ($terms as $term) {
- $termString .= $term . '* ';
+ $termString .= htmlentities($term) . '* ';
}
$fields = implode(',', $fieldsToSearch);
$termStringEscaped = \DB::connection()->getPdo()->quote($termString);
$search = static::addSelect(\DB::raw('*, MATCH(name) AGAINST('.$termStringEscaped.' IN BOOLEAN MODE) AS title_relevance'));
- $search = $search->whereRaw('MATCH(' . $fields . ') AGAINST(? IN BOOLEAN MODE)', [$termString]);
+ $search = $search->whereRaw('MATCH(' . $fields . ') AGAINST(? IN BOOLEAN MODE)', [$termStringEscaped]);
// Add additional where terms
foreach ($wheres as $whereTerm) {
*/
public function getBySearch($term)
{
- $terms = explode(' ', preg_quote(trim($term)));
+ $terms = explode(' ', $term);
$books = $this->book->fullTextSearch(['name', 'description'], $terms);
- $words = join('|', $terms);
+ $words = join('|', explode(' ', preg_quote(trim($term), '/')));
foreach ($books as $book) {
//highlight
$result = preg_replace('#' . $words . '#iu', "<span class=\"highlight\">\$0</span>", $book->getExcerpt(100));
*/
public function getBySearch($term, $whereTerms = [])
{
- $terms = explode(' ', preg_quote(trim($term)));
+ $terms = explode(' ', $term);
$chapters = $this->chapter->fullTextSearch(['name', 'description'], $terms, $whereTerms);
- $words = join('|', $terms);
+ $words = join('|', explode(' ', preg_quote(trim($term), '/')));
foreach ($chapters as $chapter) {
//highlight
$result = preg_replace('#' . $words . '#iu', "<span class=\"highlight\">\$0</span>", $chapter->getExcerpt(100));
*/
public function getBySearch($term, $whereTerms = [])
{
- $terms = explode(' ', preg_quote(trim($term)));
+ $terms = explode(' ', $term);
$pages = $this->page->fullTextSearch(['name', 'text'], $terms, $whereTerms);
// Add highlights to page text.
- $words = join('|', $terms);
+ $words = join('|', explode(' ', preg_quote(trim($term), '/')));
//lookahead/behind assertions ensures cut between words
$s = '\s\x00-/:-@\[-`{-~'; //character set for start/end of words
-<h1 id="bkmrk-page-title">{{$page->name}}</h1>
+<div v-pre>
+ <h1 id="bkmrk-page-title">{{$page->name}}</h1>
-{!! $page->html !!}
\ No newline at end of file
+ {!! $page->html !!}
+</div>
\ No newline at end of file
->seePageIs($page->getUrl());
}
+ public function testInvalidPageSearch()
+ {
+ $this->asAdmin()
+ ->visit('/')
+ ->type('<p>test</p>', 'term')
+ ->press('header-search-box-button')
+ ->see('Search Results')
+ ->seeStatusCode(200);
+ }
+
public function testEntitiesViewableAfterCreatorDeletion()
{
projects / bookstack / commitdiff