Skip to content

Y
yii2
Commit adb36e42 by Klimov Paul
Options

Usage of `yii\db\Expression` for the 'MATCH' statement fixed

parent b8c9d515
Showing with 21 additions and 7 deletions
extensions/sphinx/Connection.php
...@@ -132,15 +132,16 @@ class Connection extends \yii\db\Connection ...@@ -132,15 +132,16 @@ class Connection extends \yii\db\Connection
/** /**
* Escapes all special characters from 'MATCH' statement argument. * Escapes all special characters from 'MATCH' statement argument.
* Make sure you are using this method whenever composing 'MATCH' search statement. * Make sure you are using this method whenever composing 'MATCH' search statement.
* Note: this method does not perform quoting, you should place the result in the quotes manually.
* @param string $str string to be escaped. * @param string $str string to be escaped.
* @return string the properly escaped string. * @return string the properly escaped string.
*/ */
public function escapeMatchValue($str) public function escapeMatchValue($str)
{ {
return str_replace( return addslashes(str_replace(
['/', '"', "'", '(', ')', '|', '-', '!', '@', '~', '&', '^', '$', '=', "\x00", "\n", "\r", "\x1a"], ['/', '"', "'", '(', ')', '|', '-', '!', '@', '~', '&', '^', '$', '=', "\x00", "\n", "\r", "\x1a"],
['\\/', '\\"', "\\'", '\\(', '\\)', '\\|', '\\-', '\\!', '\\@', '\\~', '\\&', '\\^', '\\$', '\\=', "\\x00", "\\n", "\\r", "\\x1a"], ['\\/', '\\"', "\\'", '\\(', '\\)', '\\|', '\\-', '\\!', '\\@', '\\~', '\\&', '\\^', '\\$', '\\=', "\\x00", "\\n", "\\r", "\\x1a"],
$str $str
); ));
} }
} }
extensions/sphinx/QueryBuilder.php
...@@ -65,11 +65,9 @@ class QueryBuilder extends Object ...@@ -65,11 +65,9 @@ class QueryBuilder extends Object
if ($query->match !== null) { if ($query->match !== null) {
if ($query->match instanceof Expression) { if ($query->match instanceof Expression) {
$query->andWhere('MATCH(' . $query->match->expression . ')'); $query->andWhere('MATCH(' . $query->match->expression . ')');
$params = array_merge($query->match->params); $params = array_merge($params, $query->match->params);
} else { } else {
$phName = self::PARAM_PREFIX . count($params); $query->andWhere("MATCH('" . $this->db->escapeMatchValue($query->match) . "')");
$params[$phName] = $this->db->escapeMatchValue($query->match);
$query->andWhere('MATCH(' . $phName . ')');
} }
} }
......
tests/unit/extensions/sphinx/QueryTest.php
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
namespace yiiunit\extensions\sphinx; namespace yiiunit\extensions\sphinx;
use yii\db\Expression;
use yii\sphinx\Query; use yii\sphinx\Query;
/** /**
...@@ -41,7 +42,7 @@ class QueryTest extends SphinxTestCase ...@@ -41,7 +42,7 @@ class QueryTest extends SphinxTestCase
$command = $query->createCommand($this->getConnection(false)); $command = $query->createCommand($this->getConnection(false));
$this->assertContains('MATCH(', $command->getSql(), 'No MATCH operator present!'); $this->assertContains('MATCH(', $command->getSql(), 'No MATCH operator present!');
$this->assertContains($match, $command->params, 'No match query among params!'); $this->assertContains($match, $command->getSql(), 'No match query in SQL!');
} }
public function testWhere() public function testWhere()
...@@ -284,4 +285,18 @@ class QueryTest extends SphinxTestCase ...@@ -284,4 +285,18 @@ class QueryTest extends SphinxTestCase
->all($connection); ->all($connection);
$this->assertNotEmpty($rows); $this->assertNotEmpty($rows);
} }
/**
* @depends testMatchSpecialCharValue
*/
public function testMatchComplex()
{
$connection = $this->getConnection();
$query = new Query;
$rows = $query->from('yii2_test_article_index')
->match(new Expression("'@(content) " . $connection->escapeMatchValue('about"') . "'"))
->all($connection);
$this->assertNotEmpty($rows);
}
} }
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment