From 7688c4a6285b3ac4647e44a67f0eafccb60fc9a5 Mon Sep 17 00:00:00 2001 From: Tomas Cohen Arazi Date: Wed, 30 Mar 2022 12:10:26 +0200 Subject: [PATCH] Bug 30393: Make datatables wrapper handle searching for %, _, \ MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit This patch makes searching for '%','_' and '\' work by escaping those symbols in the query before sending them to the API. To test: 1. Go to the cities page 2. Add two cities: - 'Cordoba %' - 'Buenos Aires _' - 'London \' 3. Use the column search on the name, alternating _, \ and % as the query => FAIL: Weird behavior 4. Apply this patch and reload 5. Repeat 3 => SUCCESS: Filtering works correctly! 6. Sign off :-D Signed-off-by: Tomas Cohen Arazi Signed-off-by: Séverine Queune Signed-off-by: Jonathan Druart Signed-off-by: Martin Renvoize Signed-off-by: Fridolin Somers Signed-off-by: Kyle M Hall --- koha-tmpl/intranet-tmpl/prog/js/datatables.js | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/koha-tmpl/intranet-tmpl/prog/js/datatables.js b/koha-tmpl/intranet-tmpl/prog/js/datatables.js index 0e7dadae7c..18357f5b95 100644 --- a/koha-tmpl/intranet-tmpl/prog/js/datatables.js +++ b/koha-tmpl/intranet-tmpl/prog/js/datatables.js @@ -583,8 +583,11 @@ jQuery.fn.dataTable.ext.errMode = function(settings, note, message) { _per_page: length }; - function build_query(col, value){ + + // escape SQL special characters + value = value.replace(/(\%|\_|\\)/g, "\\$1" ); + var parts = []; var attributes = col.data.split(':'); for (var i=0;i