Updated fulltext search with custom escaped query

Changed pdo quoted query to use custom escaping and added like searches when quoted terms are used.

Updated fulltext search with custom escaped query
Changed pdo quoted query to use custom escaping and added like searches when quoted terms are used.
Dan Brown
Commit bc2b310638d7769e3e0f6c168e0c0618d5f245ec bc2b3106 1 parent 33bf20cf
Showing 3 changed files with 28 additions and 9 deletions
app/Entity.php
app/Repos/BookRepo.php
app/Repos/ChapterRepo.php
--- a/app/Entity.php
View file @bc2b310
+++ b/app/Entity.php
View file @bc2b310
@@ -87,8 +87,8 @@ abstract class Entity extends Model
      */
     public function getShortName($length = 25)
     {
-        if(strlen($this->name) <= $length) return $this->name;
+        if (strlen($this->name) <= $length) return $this->name;
-        return substr($this->name, 0, $length-3) . '...';
+        return substr($this->name, 0, $length - 3) . '...';
     }
     /**
@@ -100,19 +100,34 @@ abstract class Entity extends Model
      */
     public static function fullTextSearchQuery($fieldsToSearch, $terms, $wheres = [])
     {
+        $exactTerms = [];
         foreach ($terms as $key => $term) {
-            $term = htmlentities($term);
+            $term = htmlentities($term, ENT_QUOTES);
+            $term =  preg_replace('/[+\-><\(\)~*\"@]+/', ' ', $term);
             if (preg_match('/\s/', $term)) {
+                $exactTerms[] = '%' . $term . '%';
                 $term = '"' . $term . '"';
+            } else {
+                $term = '' . $term . '*';
             }
-            $terms[$key] = $term . '*';
+            if ($term !== '*') $terms[$key] = $term;
         }
-        $termString = "'" . implode(' ', $terms) . "'";
+        $termString = implode(' ', $terms);
         $fields = implode(',', $fieldsToSearch);
-        $termStringEscaped = \DB::connection()->getPdo()->quote($termString);
+        $search = static::selectRaw('*, MATCH(name) AGAINST(? IN BOOLEAN MODE) AS title_relevance', [$termString]);
-        $search = static::addSelect(\DB::raw('*, MATCH(name) AGAINST('.$termStringEscaped.' IN BOOLEAN MODE) AS title_relevance'));
         $search = $search->whereRaw('MATCH(' . $fields . ') AGAINST(? IN BOOLEAN MODE)', [$termString]);
+        // Ensure at least one exact term matches if in search
+        if (count($exactTerms) > 0) {
+            $search = $search->where(function($query) use ($exactTerms, $fieldsToSearch) {
+                foreach ($exactTerms as $exactTerm) {
+                    foreach ($fieldsToSearch as $field) {
+                        $query->orWhere($field, 'like', $exactTerm);
+                    }
+                }
+            });
+        }
+
         // Add additional where terms
         foreach ($wheres as $whereTerm) {
             $search->where($whereTerm[0], $whereTerm[1], $whereTerm[2]);
--- a/app/Repos/BookRepo.php
View file @bc2b310
+++ b/app/Repos/BookRepo.php
View file @bc2b310
@@ -233,7 +233,9 @@ class BookRepo
         } else {
             $terms = [];
         }
-        $terms = array_merge($terms, explode(' ', $term));
+        if (!empty($term)) {
+            $terms = array_merge($terms, explode(' ', $term));
+        }
         $books = $this->book->fullTextSearchQuery(['name', 'description'], $terms)
             ->paginate($count)->appends($paginationAppends);
         $words = join('|', explode(' ', preg_quote(trim($term), '/')));
--- a/app/Repos/ChapterRepo.php
View file @bc2b310
+++ b/app/Repos/ChapterRepo.php
View file @bc2b310
@@ -138,7 +138,9 @@ class ChapterRepo
         } else {
             $terms = [];
         }
-        $terms = array_merge($terms, explode(' ', $term));
+        if (!empty($term)) {
+            $terms = array_merge($terms, explode(' ', $term));
+        }
         $chapters = $this->chapter->fullTextSearchQuery(['name', 'description'], $terms, $whereTerms)
             ->paginate($count)->appends($paginationAppends);
         $words = join('|', explode(' ', preg_quote(trim($term), '/')));