[open-ils-commits] r19985 - branches/rel_2_0/Open-ILS/src/perlmods/OpenILS/Application/Storage/Publisher (dbs)

svn at svn.open-ils.org svn at svn.open-ils.org
Mon Apr 4 23:24:32 EDT 2011 

Author: dbs
Date: 2011-04-04 23:24:29 -0400 (Mon, 04 Apr 2011)
New Revision: 19985

Modified:
   branches/rel_2_0/Open-ILS/src/perlmods/OpenILS/Application/Storage/Publisher/actor.pm
Log:
Prevent patron search from returning horrible errors on regexian input
    
Add a utility method, _clean_regex_chars(), to filter common regex
characters out of input values.  When these characters are passed to
database SIMILAR searches, strange things (generally ugly errors) can
happen - so filter them out.


Modified: branches/rel_2_0/Open-ILS/src/perlmods/OpenILS/Application/Storage/Publisher/actor.pm
===================================================================
--- branches/rel_2_0/Open-ILS/src/perlmods/OpenILS/Application/Storage/Publisher/actor.pm	2011-04-05 03:23:11 UTC (rev 19984)
+++ branches/rel_2_0/Open-ILS/src/perlmods/OpenILS/Application/Storage/Publisher/actor.pm	2011-04-05 03:24:29 UTC (rev 19985)
@@ -613,7 +613,13 @@
 	NOTE
 );
 
+sub _clean_regex_chars {
+    my ($search) = @_;
 
+    $search =~ tr/\\.[]()?*+{}^$//d;
+    return $search;
+}
+
 sub patron_search {
 	my $self = shift;
 	my $client = shift;
@@ -642,15 +648,15 @@
 	# group 3 = barcode
 
 	my $usr = join ' AND ', map { "evergreen.lowercase(CAST($_ AS text)) ~ ?" } grep { ''.$$search{$_}{group} eq '0' } keys %$search;
-	my @usrv = map { "^" . $$search{$_}{value} } grep { ''.$$search{$_}{group} eq '0' } keys %$search;
+	my @usrv = map { "^" . _clean_regex_chars($$search{$_}{value}) } grep { ''.$$search{$_}{group} eq '0' } keys %$search;
 
 	my $addr = join ' AND ', map { "evergreen.lowercase(CAST($_ AS text)) ~ ?" } grep { ''.$$search{$_}{group} eq '1' } keys %$search;
-	my @addrv = map { "^" . $$search{$_}{value} } grep { ''.$$search{$_}{group} eq '1' } keys %$search;
+	my @addrv = map { "^" . _clean_regex_chars($$search{$_}{value}) } grep { ''.$$search{$_}{group} eq '1' } keys %$search;
 
-	my $pv = $$search{phone}{value};
-	my $iv = $$search{ident}{value};
-	my $nv = $$search{name}{value};
-	my $cv = $$search{card}{value};
+	my $pv = _clean_regex_chars($$search{phone}{value});
+	my $iv = _clean_regex_chars($$search{ident}{value});
+	my $nv = _clean_regex_chars($$search{name}{value});
+	my $cv = _clean_regex_chars($$search{card}{value});
 
 	my $card = '';
 	if ($cv) {

More information about the open-ils-commits mailing list