<![CDATA[ [solved] The character " ' " and logging search results - My Forums]]> https://forums.modx.com/thread/?thread=48408 <![CDATA[Re: The character &quot; ' &quot; and logging search results]]> https://forums.modx.com/thread/48408/solved-the-character-and-logging-search-results#dis-post-279912
thank you for the fix - i downloaded the newest version of AS 1.92 and everything is fine.]]> Mithrandir Dec 11, 2010, 01:34 AM https://forums.modx.com/thread/48408/solved-the-character-and-logging-search-results#dis-post-279912 <![CDATA[Re: The character &quot; ' &quot; and logging search results]]> https://forums.modx.com/thread/48408/solved-the-character-and-logging-search-results#dis-post-279911 Thanks Mithrandir for this feedback. Issue registered as AJAXSEARCH-83.

For ajaxSearch 1.9.1 to fix this issue, replace the code line #107 by:
        $asString = mysql_real_escape_string($rs['searchString']);

Or simply dowload the attached file, remove the .txt extension and drop the file in the classes folder.

I have updated the release 1.9.2 with this fix, you can download it from the site (new svn id = 319).
Apologies for those who have already downloaded this new version.
]]> coroico Dec 10, 2010, 07:33 PM https://forums.modx.com/thread/48408/solved-the-character-and-logging-search-results#dis-post-279911 <![CDATA[ [solved] The character &quot; ' &quot; and logging search results]]> https://forums.modx.com/thread/48408/solved-the-character-and-logging-search-results#dis-post-279910
i got a problem with logging of (successful) search results, containing the character " ’ ".

If i search "ski" on http://www.modx.wangba.fr/index.php?id=245 i’ll find http://www.modx.wangba.fr/index.php?id=131 (and more), with this content:
[...] or eastern borderlands of the second Polish Republic. Much of Kapu?ci?ski’s work is considered to ascend to the heights of literature.[...]


If i search "ski’s" on http://www.modx.wangba.fr/index.php?id=245 there will be an sql-error because of the insert statement :
« Execution of a query to the database failed - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ’s’,’1’,’131’,’’,’[!AjaxSearch? &debug=`1` &ajaxSearch=`0` &category=`articleCate’ at line 3 »
SQL: INSERT INTO `db216428098`.`mdx1_ajaxsearch_log` ( searchstring, nb_results, results, comment, as_call, as_select, ip ) VALUES (’skis’,’1’,’131’,’’,’[!AjaxSearch?

I don’t know how to implement a stripInput-Function, but i think that inserting " ’ " should be cleaned, or masked with "\" by default (like in criterions, the search itself). What do you think?


I tested with Ajax Search 1.90 and AjaxSearch 1.91 (ajaxSearch191_7219) and coroico’s site.

]]> Mithrandir Nov 30, 2010, 03:03 PM https://forums.modx.com/thread/48408/solved-the-character-and-logging-search-results#dis-post-279910