Ignore:
Timestamp:
2014-02-21T18:46:01+13:00 (10 years ago)
Author:
ak19
Message:

Fixing up URL encoding of cgi args so that phrase searching works again. Tested MGPP, Lucene and SQLite searching. Tested simple search, fielded search, advanced single field and multi-field as well as running a query.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/trunk/greenstone2/runtime-src/src/recpt/querytools.cpp

    r28222 r28841  
    2525
    2626#include "querytools.h"
     27#include "cgiutils.h"
    2728#include <ctype.h>
    2829#include "unitool.h" // for is_unicode_letdig
     
    343344// This function removes boolean operators from simple searches, and segments
    344345// chinese characters if segment=true
     346// Called by several parse_..._form methods here, this function decodes &
     347// to undo the URL encoding done in cgiutils.cpp for security purposes
    345348void format_querystring (text_t &querystring, int querymode, bool segment) {
    346349  text_t formattedstring;
     350
     351  // & has meaning in boolean searches and can be %26 encoded at this point, need to decode them now.
     352  // Also decode any " here, so that the entire search phrase is highlighted and not just the final word
     353  unsafe_cgi_arg("ALL", querystring);
    347354
    348355  // advanced search, no segmenting, don't need to do anything
     
    449456  }
    450457 
    451  
    452458  if (arg_ct == "2") { // lucene
    453459    // look for AND OR NOT and remove
     
    579585
    580586
     587// The following parse_..._form functions first decode various fields for
     588// both simple and advanced searches to undo the URL encoding.
     589// E.g. quotes have meaning in phrase searches and these have to be decoded
     590// before sending the search off to the index.
     591
    581592// some query form parsing functions for use with mgpp & lucene
    582593
     
    599610  text_t field = args["fqf"];
    600611  if (field.empty()) return; // no query
     612  unsafe_cgi_arg("ALL", field);
    601613  text_tarray fields;
    602614  splitchar(field.begin(), field.end(), ',', fields);
     
    604616  text_t value = args["fqv"];
    605617  if (value.empty()) return; // somethings wrong
     618  unsafe_cgi_arg("ALL", value);
    606619  text_tarray values;
    607620  splitchar(value.begin(), value.end(), ',', values);
     
    651664  text_t field = args["fqf"];
    652665  if (field.empty()) return; // no query
     666  unsafe_cgi_arg("ALL", field);
    653667  text_tarray fields;
    654668  splitchar(field.begin(), field.end(), ',', fields);
     
    656670  text_t value = args["fqv"];
    657671  if (value.empty()) return; // somethings wrong
     672  unsafe_cgi_arg("ALL", value);
    658673  text_tarray values;
    659674  splitchar(value.begin(), value.end(), ',', values);
     
    661676  text_t comb = args["fqc"];
    662677  if (comb.empty()) return; //somethings wrong
     678  //unsafe_cgi_arg("ALL", comb);
    663679  text_tarray combs;
    664680  splitchar(comb.begin(), comb.end(), ',', combs);
     
    734750  text_t field = args["sqlfqf"];
    735751  if (field.empty()) return; // no query
     752  unsafe_cgi_arg("ALL", field); // for the slash. //unsafe_cgi_arg("/", field);
    736753  text_tarray fields;
    737754  splitchar(field.begin(), field.end(), ',', fields);
     
    739756  text_t sqlcomb = args["sqlfqc"];
    740757  if (sqlcomb.empty()) return; //somethings wrong
     758  //unsafe_cgi_arg("ALL", sqlcomb);
    741759  text_tarray sqlcombs;
    742760  splitchar(sqlcomb.begin(), sqlcomb.end(), ',', sqlcombs);
     
    744762  text_t value = args["fqv"];
    745763  if (value.empty()) return; // somethings wrong
     764  unsafe_cgi_arg("ALL", value);
    746765  text_tarray values;
    747766  splitchar(value.begin(), value.end(), ',', values);
     
    808827
    809828  if (field.empty()) return; // no query
     829  // need to decode %2F to / in the URL, e.g. to get dc.Title/Title/ex.Title again in the fields to search in
     830  unsafe_cgi_arg("ALL", field); //unsafe_cgi_arg("/", field);
    810831  text_tarray fields;
    811832  splitchar(field.begin(), field.end(), ',', fields);
     
    813834  text_t sqlcomb = args["sqlfqc"];
    814835  if (sqlcomb.empty()) return; //somethings wrong
     836  //unsafe_cgi_arg("ALL", sqlcomb);
    815837  text_tarray sqlcombs;
    816838  splitchar(sqlcomb.begin(), sqlcomb.end(), ',', sqlcombs);
     
    818840  text_t value = args["fqv"];
    819841  if (value.empty()) return; // somethings wrong
     842  unsafe_cgi_arg("ALL", value); // decode all url-encoded parts of the values to search in
    820843  text_tarray values;
    821844  splitchar(value.begin(), value.end(), ',', values);
     
    823846  text_t comb = args["fqc"];
    824847  if (comb.empty()) return; //somethings wrong
     848  //unsafe_cgi_arg("ALL", comb);
    825849  text_tarray combs;
    826850  splitchar(comb.begin(), comb.end(), ',', combs);
Note: See TracChangeset for help on using the changeset viewer.