modifiedcontent Posted December 23, 2018 Share Posted December 23, 2018 I have Ajax search that works fine in most of my site, except on pages with single quotes/apostrophes in the title. I get this error in the log: Exception: Unknown Selector operator: '=&' -- was your selector value properly escaped? The error log gives this clue: ... wire/core/Selectors.php(460): ProcessWire\Selectors->create('title', '=&', '#039;IoT is gro...') #1 ... ' is a single quote. " 'IoT is gro...' " is the start of the title of the page this search is on; the URL of that page includes ".../iot-is-gro ..." But that title is not the search term. I have double-checked if I have escaped the search terms correctly and if I have used correct single and double quotes in my Ajax and search code. Again, search works fine in most of the site. How does that title end up as a "selector value" anywhere? How does the title of the page that this search is on interfere with the selector operator? I can't figure it out. Could this be a bug? I have tried/explored just about everything else. Link to comment Share on other sites More sharing options...
szabesz Posted December 28, 2018 Share Posted December 28, 2018 Hello, Could you be more specific by showing us the actual code in action? Link to comment Share on other sites More sharing options...
modifiedcontent Posted January 20, 2019 Author Share Posted January 20, 2019 I have "solved" the issue by using window.location.origin as the ajax url. My ajax call now looks something like this: Spoiler <script> var jSearch = jQuery.noConflict(); jSearch(document).ready(function(){ var request; jSearch('#searchform').on('submit', function(e) { e.preventDefault(); jSearch('#found').show(); if (request) { request.abort(); } var form = jSearch(this); var inputs = form.find("input, select, button, textarea"); var serializedData = form.serialize(); inputs.prop("disabled", true); request = jSearch.ajax({ url: window.location.origin, type: "post", contentType: 'application/x-www-form-urlencoded', data: serializedData }); request.done(function (response, textStatus, jqXHR){ jSearch('#found').html( response ); }); request.fail(function (jqXHR, textStatus, errorThrown){ console.error( "The following error occurred: "+ textStatus, errorThrown ); }); request.always(function () { inputs.prop("disabled", false); }); }); }); </script> Leaving url out - using "self" as url - produces the error described above for urls based on titles starting with quotes. I wasn't able to figure out what/where/how to escape something to prevent that error. Bypassing problematic urls by using window.location.origin solves the problem. Or is there a better solution? Link to comment Share on other sites More sharing options...
flydev Posted January 21, 2019 Share Posted January 21, 2019 You should try to use the sanitizer in the way to remove entities and validate the selector : [...] $selector = "title%=" . $sanitizer->selectorValue($sanitizer->unentities($search_term)); $result = $pages->find($selector); [...] https://processwire.com/docs/selectors/#operators https://processwire.com/docs/selectors/#sanitizing Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now