From 630724df2bc915a7641f6f27a60314053f3888d3 Mon Sep 17 00:00:00 2001 From: zmagod Date: Fri, 11 Nov 2016 11:41:23 +0100 Subject: [PATCH] strips the html tags from fearch query --- app/models/concerns/searchable_model.rb | 28 +++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/app/models/concerns/searchable_model.rb b/app/models/concerns/searchable_model.rb index eda69282f..38728db79 100644 --- a/app/models/concerns/searchable_model.rb +++ b/app/models/concerns/searchable_model.rb @@ -21,17 +21,33 @@ module SearchableModel end if query.is_a? Array - if (attrs.length > 0) + if attrs.length > 0 where_str = - (attrs.map.with_index { |a,i| "#{a} ILIKE ANY (array[ :t#{i}]) OR " }).join[0..-5] - vals = (attrs.map.with_index { |a,i| [ "t#{i}".to_sym, query ] }).to_h + (attrs.map.with_index do |a, i| + "REGEXP_REPLACE(#{a}, E'<.strong>|<.href>|<.div>|" \ + "<.link>|<.span>|<(.*)class(.*)>|<(.*)href(.*)>|" \ + "<(.*)data(.*)>|<.sub>|<.sup>|<.blockquote>|<.li>|" \ + "<.ol>|<.ul>|<.pre>','', 'g')" \ + "ILIKE ANY (array[ :t#{i}]) OR " + end + ).join[0..-5] + vals = (attrs.map.with_index do |a, i| + ["t#{i}".to_sym, query] + end + ).to_h return where(where_str, vals) end else - if (attrs.length > 0) + if attrs.length > 0 where_str = - (attrs.map.with_index { |a,i| "#{a} ILIKE :t#{i} OR " }).join[0..-5] + (attrs.map.with_index do |a, i| + "REGEXP_REPLACE(#{a}, E'<.strong>|<.href>|<.div>|" \ + "<.link>|<.span>|<(.*)class(.*)>|<(.*)href(.*)>|<(.*)data(.*)>|" \ + "<.sub>|<.sup>|<.blockquote>|<.li>|<.ol>|<.ul>|<.pre>'," \ + " '', 'g' ) ILIKE :t#{i} OR " + end + ).join[0..-5] vals = (attrs.map.with_index { |a,i| [ "t#{i}".to_sym, "%#{query}%" ] }).to_h return where(where_str, vals) @@ -39,4 +55,4 @@ module SearchableModel end end end -end \ No newline at end of file +end