News:

Join the Facebook Fan Page.

Main Menu

can't search & symbol

Started by layer, November 18, 2010, 01:12:54 PM

Previous topic - Next topic

layer

hello,

i'm trying to search some IDs but is not working,
for exemple:

PCI\VEN_10DE&DEV_0322 - > can't find

DEV_0322 -> OK

is this normal? i have RC4 version.

Thank you

IchBin™

See if escaping that character does anything.

PCI\VEN_10DE\&DEV_0322

or

PCI\\VEN_10DE\&DEV_0322
IchBin™        TinyPortal

layer


IchBin™

Does it only happen with the "&" if it's in the word? What I mean is, is there a difference between searching for PCI\VEN_10DE&DEV_0322 and PCI\VEN_10DE & DEV_0322 (notice spaces). Just trying to narrow down how the search is affected. I did a quick test on my site and can't replicated the issue ATM. Does it help if surround in quotes?
"PCI\VEN_10DE&DEV_0322"
IchBin™        TinyPortal

layer

"PCI\VEN_10DE&DEV_0322" - > no results

PCI\VEN_10DE & DEV_0322 -> Each word must be at least two characters long.

PCI\VEN_10DE DEV_032 -> correct results

IchBin™

#5
Hmm.... could be a bug. I don't have a way to verify it ATM. I'll go ahead and put it into the bugtracker for the dev's to look into. What version of SMF are you using?

--edit--
Added to bugtracker.
http://dev.simplemachines.org/mantis/view.php?id=4539
IchBin™        TinyPortal

layer


Joshua Dickerson

What kind of search are you using? Any errors in the error log?

Does PCI\VEN_10DE&DEV_0322 work? Does using phrase search work "PCI\VEN_10DE&DEV_0322" or "PCI\VEN_10DE&DEV_0322" (be sure to use the quotes).

Does anyone know if these problems occur on SMF 1.1? Anyone else experiencing similar problems?
Come work with me at Promenade Group



Need help? See the wiki. Want to help SMF? See the wiki!

Did you know you can help develop SMF? See us on Github.

How have you bettered the world today?

Illori


layer


layer

Quote from: groundup on January 27, 2011, 09:38:32 PM
What kind of search are you using? Any errors in the error log?

Does PCI\VEN_10DE&DEV_0322 work? Does using phrase search work "PCI\VEN_10DE&DEV_0322" or "PCI\VEN_10DE&DEV_0322" (be sure to use the quotes).

Does anyone know if these problems occur on SMF 1.1? Anyone else experiencing similar problems?

"PCI\VEN_10DE&DEV_0322" that works :O

Joshua Dickerson

That makes sense since everything is converted to its HTML equivalent.
Come work with me at Promenade Group



Need help? See the wiki. Want to help SMF? See the wiki!

Did you know you can help develop SMF? See us on Github.

How have you bettered the world today?

SlammedDime

Which is a very very bad problem on SMF's part... data should be escaped based on the medium to which it's going (html entities shouldn't be escaped when going into a database, they should be escaped upon output to the web browser)
SlammedDime
Former Lead Customizer
BitBucket Projects
GeekStorage.com Hosting
                      My Mods
SimpleSEF
Ajax Quick Reply
Sitemap
more...
                     

layer

Quote from: SlammedDime on January 29, 2011, 07:50:08 PM
Which is a very very bad problem on SMF's part... data should be escaped based on the medium to which it's going (html entities shouldn't be escaped when going into a database, they should be escaped upon output to the web browser)

one day we will talk with the computer in binary format and problem solved :D :D

Arantor

Nothing gets into the DB without at least htmlspecialchars. You should see the mess preparsecode makes of posts (like converting ' to an entity, and replacing newlines with the br tag)

Joshua Dickerson

It means less parsing at run-time. I understand what you're saying, SD, but it seems like a waste.
Come work with me at Promenade Group



Need help? See the wiki. Want to help SMF? See the wiki!

Did you know you can help develop SMF? See us on Github.

How have you bettered the world today?

Arantor

It also means that modders can always just dump stuff out of the database and know that it's safe to print without any concerns over XSS vulnerabilities.

So the search needs to be amended to convert entities to conventional characters both when building the index and when searching...

Advertisement: