Jump to content

Asterisk (*) in search query throws server error


Stefanowitsch
 Share

Recommended Posts

Hi There!

I am using the ProcessWire search function on a page and a client just told me that they encounter a server error when placing an asterisk symbol ( * ) into that field. PW Version is 3.0.200.

So basically what they type into the search field is something like

* string

This resolves in an error message:

Exception: Unrecognized operator: * (in /Users/XXXX/Sites/XXXXXXX/wire/core/Selectors.php line 411)

My selector looks like this:

$q = $input->get->text('q');

if ($q) {
	$input->whitelist('q', $q); 
	$events = $pages->find("search_cache%=$q, template=event, date_event>=today, sort=date_event, limit=6");
}

According to this link (https://github.com/processwire/processwire-issues/issues/1207) I found out that searching for '*' did work in the past but stopped in newer PW versions. I have an older site running on PW 3.0.164 and there is no error message there.

Link to comment
Share on other sites

6 hours ago, Stefanowitsch said:
$q = $input->get->text('q');

The sanitizer method intended for text that will be used as a selector value is $sanitizer->selectorValue(). See for example in Ryan's demo skyscrapers site.

By default this sanitizer will filter out the asterisk, presumably because it's a character used within some selector operators. But it looks like if you whitelist it in the $options argument and it will be retained and the error is avoided because the value gets wrapped in quotes.

$q = $sanitizer->selectorValue($input->get('q'), ['whitelist' => ['*']]);

 

  • Like 2
Link to comment
Share on other sites

14 hours ago, Stefanowitsch said:

Using the selectorValue sanitizer did the trick! I didn't even have to whitelist the asterisk.

Yes, but be aware that this resolves the error by simply stripping out the asterisk. Which might be okay if the asterisk isn't an important part of the search phrase, but if you want to match pages according to the presence of the asterisk then you'll need to whitelist it.

image.png.81436c98dd3f0d23d3e1555df88f6294.png

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...