Updated fulltext search with custom escaped query

Changed pdo quoted query to use custom escaping and added like searches when quoted terms are used.

diff --git a/app/Entity.php b/app/Entity.php
index 122aa2aa2dfc8472f189bdf0d8f894fd4fe5b5ae..4e85e252e3d15f82cdd4fb7594abcd059bbce22b 100644 (file)
--- a/app/Entity.php
+++ b/app/Entity.php
@@ -87,8 +87,8 @@ abstract class Entity extends Model
      */
     public function getShortName($length = 25)
     {
-        if(strlen($this->name) <= $length) return $this->name;
-        return substr($this->name, 0, $length-3) . '...';
+        if (strlen($this->name) <= $length) return $this->name;
+        return substr($this->name, 0, $length - 3) . '...';
     }
 
     /**
@@ -100,19 +100,34 @@ abstract class Entity extends Model
      */
     public static function fullTextSearchQuery($fieldsToSearch, $terms, $wheres = [])
     {
+        $exactTerms = [];
         foreach ($terms as $key => $term) {
-            $term = htmlentities($term);
+            $term = htmlentities($term, ENT_QUOTES);
+            $term =  preg_replace('/[+\-><\(\)~*\"@]+/', ' ', $term);
             if (preg_match('/\s/', $term)) {
+                $exactTerms[] = '%' . $term . '%';
                 $term = '"' . $term . '"';
+            } else {
+                $term = '' . $term . '*';
             }
-            $terms[$key] = $term . '*';
+            if ($term !== '*') $terms[$key] = $term;
         }
-        $termString = "'" . implode(' ', $terms) . "'";
+        $termString = implode(' ', $terms);
         $fields = implode(',', $fieldsToSearch);
-        $termStringEscaped = \DB::connection()->getPdo()->quote($termString);
-        $search = static::addSelect(\DB::raw('*, MATCH(name) AGAINST('.$termStringEscaped.' IN BOOLEAN MODE) AS title_relevance'));
+        $search = static::selectRaw('*, MATCH(name) AGAINST(? IN BOOLEAN MODE) AS title_relevance', [$termString]);
         $search = $search->whereRaw('MATCH(' . $fields . ') AGAINST(? IN BOOLEAN MODE)', [$termString]);
 
+        // Ensure at least one exact term matches if in search
+        if (count($exactTerms) > 0) {
+            $search = $search->where(function($query) use ($exactTerms, $fieldsToSearch) {
+                foreach ($exactTerms as $exactTerm) {
+                    foreach ($fieldsToSearch as $field) {
+                        $query->orWhere($field, 'like', $exactTerm);
+                    }
+                }
+            });
+        }
+
         // Add additional where terms
         foreach ($wheres as $whereTerm) {
             $search->where($whereTerm[0], $whereTerm[1], $whereTerm[2]);

diff --git a/app/Repos/BookRepo.php b/app/Repos/BookRepo.php
index 4b45a1a0b92920fd688d8ebffa06b6546bee7b78..afd802337f5c469d148cf52024a42eee3b61e99b 100644 (file)
--- a/app/Repos/BookRepo.php
+++ b/app/Repos/BookRepo.php
@@ -233,7 +233,9 @@ class BookRepo
         } else {
             $terms = [];
         }
-        $terms = array_merge($terms, explode(' ', $term));
+        if (!empty($term)) {
+            $terms = array_merge($terms, explode(' ', $term));
+        }
         $books = $this->book->fullTextSearchQuery(['name', 'description'], $terms)
             ->paginate($count)->appends($paginationAppends);
         $words = join('|', explode(' ', preg_quote(trim($term), '/')));

diff --git a/app/Repos/ChapterRepo.php b/app/Repos/ChapterRepo.php
index a3ed0a83738f37355b6f8b053d66d26e8f31f838..542cdd5329dcd0414c86698e312e9fb6cda68e18 100644 (file)
--- a/app/Repos/ChapterRepo.php
+++ b/app/Repos/ChapterRepo.php
@@ -138,7 +138,9 @@ class ChapterRepo
         } else {
             $terms = [];
         }
-        $terms = array_merge($terms, explode(' ', $term));
+        if (!empty($term)) {
+            $terms = array_merge($terms, explode(' ', $term));
+        }
         $chapters = $this->chapter->fullTextSearchQuery(['name', 'description'], $terms, $whereTerms)
             ->paginate($count)->appends($paginationAppends);
         $words = join('|', explode(' ', preg_quote(trim($term), '/')));