From db012cfa8c951656d02832e07cd3b74f1397fa10 Mon Sep 17 00:00:00 2001 From: Sarjuuk Date: Fri, 7 Dec 2018 21:35:30 +0100 Subject: [PATCH] Page/Search * dropped support of wildcard characters * search for literal usage of underscore --- includes/basetype.class.php | 4 ++-- includes/types/achievement.class.php | 4 ++-- includes/types/areatrigger.class.php | 12 ++++++------ includes/types/arenateam.class.php | 2 +- includes/types/creature.class.php | 4 ++-- includes/types/enchantment.class.php | 12 ++++++------ includes/types/gameobject.class.php | 2 +- includes/types/guild.class.php | 2 +- includes/types/icon.class.php | 2 +- includes/types/item.class.php | 4 ++-- includes/types/itemset.class.php | 4 ++-- includes/types/profile.class.php | 4 ++-- includes/types/quest.class.php | 2 +- includes/types/sound.class.php | 2 +- includes/types/spell.class.php | 4 ++-- pages/search.php | 26 ++++++++++++++------------ static/js/locale_dede.js | 2 +- 17 files changed, 47 insertions(+), 45 deletions(-) diff --git a/includes/basetype.class.php b/includes/basetype.class.php index 6013d116..15b4d1b4 100644 --- a/includes/basetype.class.php +++ b/includes/basetype.class.php @@ -1204,9 +1204,9 @@ protected function modularizeString(array $fields, $string = '', $exact = false, foreach ($parts as $p) { if ($p[0] == '-' && (mb_strlen($p) > 3 || $shortStr)) - $sub[] = [$f, sprintf($exPH, mb_substr($p, 1)), '!']; + $sub[] = [$f, sprintf($exPH, str_replace('_', '\\_', mb_substr($p, 1))), '!']; else if ($p[0] != '-' && (mb_strlen($p) > 2 || $shortStr)) - $sub[] = [$f, sprintf($exPH, $p)]; + $sub[] = [$f, sprintf($exPH, str_replace('_', '\\_', $p))]; } // single cnd? diff --git a/includes/types/achievement.class.php b/includes/types/achievement.class.php index 340c6ec5..eef0b95c 100644 --- a/includes/types/achievement.class.php +++ b/includes/types/achievement.class.php @@ -319,8 +319,8 @@ class AchievementListFilter extends Filter protected $inputFields = array( 'cr' => [FILTER_V_RANGE, [2, 18], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 99999]], true ], // criteria operators - 'crv' => [FILTER_V_REGEX, '/[\p{C};:]/ui', true ], // criteria values - only printable chars, no delimiters - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name / description - only printable chars, no delimiter + 'crv' => [FILTER_V_REGEX, '/[\p{C};:%\\\\]/ui', true ], // criteria values - only printable chars, no delimiters + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name / description - only printable chars, no delimiter 'ex' => [FILTER_V_EQUAL, 'on', false], // extended name search 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'si' => [FILTER_V_LIST, [1, 2, 3, -1, -2], false], // side diff --git a/includes/types/areatrigger.class.php b/includes/types/areatrigger.class.php index 36d621a5..27d6dd57 100644 --- a/includes/types/areatrigger.class.php +++ b/includes/types/areatrigger.class.php @@ -70,12 +70,12 @@ class AreaTriggerListFilter extends Filter // fieldId => [checkType, checkValue[, fieldIsArray]] protected $inputFields = array( - 'cr' => [FILTER_V_LIST, [2], true ], // criteria ids - 'crs' => [FILTER_V_RANGE, [1, 6], true ], // criteria operators - 'crv' => [FILTER_V_RANGE, [0, 99999], true ], // criteria values - all criteria are numeric here - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter - 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter - 'ty' => [FILTER_V_RANGE, [0, 5], true ] // types + 'cr' => [FILTER_V_LIST, [2], true ], // criteria ids + 'crs' => [FILTER_V_RANGE, [1, 6], true ], // criteria operators + 'crv' => [FILTER_V_RANGE, [0, 99999], true ], // criteria values - all criteria are numeric here + 'na' => [FILTER_V_REGEX, '/[\p{C};\\\\]/ui', false], // name - only printable chars, no delimiter + 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter + 'ty' => [FILTER_V_RANGE, [0, 5], true ] // types ); protected function createSQLForCriterium(&$cr) diff --git a/includes/types/arenateam.class.php b/includes/types/arenateam.class.php index 7bb5ebc8..259af976 100644 --- a/includes/types/arenateam.class.php +++ b/includes/types/arenateam.class.php @@ -47,7 +47,7 @@ class ArenaTeamListFilter extends Filter // fieldId => [checkType, checkValue[, fieldIsArray]] protected $inputFields = array( - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'ex' => [FILTER_V_EQUAL, 'on', false], // only match exact 'si' => [FILTER_V_LIST, [1, 2], false], // side diff --git a/includes/types/creature.class.php b/includes/types/creature.class.php index c22c3b6b..83a113f8 100644 --- a/includes/types/creature.class.php +++ b/includes/types/creature.class.php @@ -335,8 +335,8 @@ class CreatureListFilter extends Filter protected $inputFields = array( 'cr' => [FILTER_V_LIST, [[1, 3],[5, 12], 15, 16, [18, 25], [27, 29], [31, 35], 37, 38, [40, 44]], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 9999]], true ], // criteria operators - 'crv' => [FILTER_V_REGEX, '/[\p{C}:;]/ui', true ], // criteria values - only printable chars, no delimiter - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name / subname - only printable chars, no delimiter + 'crv' => [FILTER_V_REGEX, '/[\p{C}:;%\\\\]/ui', true ], // criteria values - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name / subname - only printable chars, no delimiter 'ex' => [FILTER_V_EQUAL, 'on', false], // also match subname 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'fa' => [FILTER_V_CALLBACK, 'cbPetFamily', true ], // pet family [list] - cat[0] == 1 diff --git a/includes/types/enchantment.class.php b/includes/types/enchantment.class.php index f2e7ef5f..1c4cf56a 100644 --- a/includes/types/enchantment.class.php +++ b/includes/types/enchantment.class.php @@ -307,12 +307,12 @@ class EnchantmentListFilter extends Filter // fieldId => [checkType, checkValue[, fieldIsArray]] protected $inputFields = array( - 'cr' => [FILTER_V_RANGE, [2, 123], true ], // criteria ids - 'crs' => [FILTER_V_RANGE, [1, 15], true ], // criteria operators - 'crv' => [FILTER_V_RANGE, [0, 99999], true ], // criteria values - only numerals - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter - 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter - 'ty' => [FILTER_V_RANGE, [1, 8], true ] // types + 'cr' => [FILTER_V_RANGE, [2, 123], true ], // criteria ids + 'crs' => [FILTER_V_RANGE, [1, 15], true ], // criteria operators + 'crv' => [FILTER_V_RANGE, [0, 99999], true ], // criteria values - only numerals + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter + 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter + 'ty' => [FILTER_V_RANGE, [1, 8], true ] // types ); protected function createSQLForCriterium(&$cr) diff --git a/includes/types/gameobject.class.php b/includes/types/gameobject.class.php index 93617d1d..dbb05fe0 100644 --- a/includes/types/gameobject.class.php +++ b/includes/types/gameobject.class.php @@ -170,7 +170,7 @@ class GameObjectListFilter extends Filter 'cr' => [FILTER_V_LIST, [[1, 5], 7, 11, 13, 15, 16, 18, 50], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 5000]], true ], // criteria operators 'crv' => [FILTER_V_RANGE, [0, 99999], true ], // criteria values - only numeric input values expected - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false] // match any / all filter ); diff --git a/includes/types/guild.class.php b/includes/types/guild.class.php index 06629210..a91d53f8 100644 --- a/includes/types/guild.class.php +++ b/includes/types/guild.class.php @@ -90,7 +90,7 @@ class GuildListFilter extends Filter // fieldId => [checkType, checkValue[, fieldIsArray]] protected $inputFields = array( - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'ex' => [FILTER_V_EQUAL, 'on', false], // only match exact 'si' => [FILTER_V_LIST, [1, 2], false], // side diff --git a/includes/types/icon.class.php b/includes/types/icon.class.php index 94ce25c0..71f3bf0c 100644 --- a/includes/types/icon.class.php +++ b/includes/types/icon.class.php @@ -135,7 +135,7 @@ class IconListFilter extends Filter 'cr' => [FILTER_V_LIST, [1, 2, 3, 6, 9, 11, 13], true ], // criteria ids 'crs' => [FILTER_V_RANGE, [1, 6], true ], // criteria operators 'crv' => [FILTER_V_RANGE, [0, 99999], true ], // criteria values - all criteria are numeric here - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false] // match any / all filter ); diff --git a/includes/types/item.class.php b/includes/types/item.class.php index eafb3081..9fea7665 100644 --- a/includes/types/item.class.php +++ b/includes/types/item.class.php @@ -1948,10 +1948,10 @@ class ItemListFilter extends Filter 'gm' => [FILTER_V_LIST, [2, 3, 4], false], // gem rarity for weight calculation 'cr' => [FILTER_V_RANGE, [1, 177], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 99999]], true ], // criteria operators - 'crv' => [FILTER_V_REGEX, '/[\p{C};:]/ui', true ], // criteria values - only printable chars, no delimiters + 'crv' => [FILTER_V_REGEX, '/[\p{C};:%\\\\]/ui', true ], // criteria values - only printable chars, no delimiters 'upg' => [FILTER_V_RANGE, [1, 999999], true ], // upgrade item ids 'gb' => [FILTER_V_LIST, [0, 1, 2, 3], false], // search result grouping - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'ub' => [FILTER_V_LIST, [[1, 9], 11], false], // usable by classId 'qu' => [FILTER_V_RANGE, [0, 7], true ], // quality ids diff --git a/includes/types/itemset.class.php b/includes/types/itemset.class.php index 87fd3acb..d061f6eb 100644 --- a/includes/types/itemset.class.php +++ b/includes/types/itemset.class.php @@ -186,8 +186,8 @@ class ItemsetListFilter extends Filter protected $inputFields = array( 'cr' => [FILTER_V_RANGE, [2, 12], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 424]], true ], // criteria operators - 'crv' => [FILTER_V_REGEX, '/[\p{C};:]/ui', true ], // criteria values - only printable chars, no delimiters - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name / description - only printable chars, no delimiter + 'crv' => [FILTER_V_REGEX, '/[\p{C};:%\\\\]/ui', true ], // criteria values - only printable chars, no delimiters + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name / description - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'qu' => [FILTER_V_RANGE, [0, 7], true ], // quality 'ty' => [FILTER_V_RANGE, [1, 12], true ], // set type diff --git a/includes/types/profile.class.php b/includes/types/profile.class.php index 20709889..ec777362 100644 --- a/includes/types/profile.class.php +++ b/includes/types/profile.class.php @@ -287,8 +287,8 @@ class ProfileListFilter extends Filter protected $inputFields = array( 'cr' => [FILTER_V_RANGE, [1, 36], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 5000]], true ], // criteria operators - 'crv' => [FILTER_V_REGEX, '/[\p{C};]/ui', true ], // criteria values - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'crv' => [FILTER_V_REGEX, '/[\p{C}:;%\\\\]/ui', true ], // criteria values + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'ex' => [FILTER_V_EQUAL, 'on', false], // only match exact 'si' => [FILTER_V_LIST, [1, 2], false], // side diff --git a/includes/types/quest.class.php b/includes/types/quest.class.php index 560ea4cc..4ef1e8b5 100644 --- a/includes/types/quest.class.php +++ b/includes/types/quest.class.php @@ -469,7 +469,7 @@ class QuestListFilter extends Filter 'cr' => [FILTER_V_RANGE, [1, 45], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 99999]], true ], // criteria operators 'crv' => [FILTER_V_REGEX, '/\D/', true ], // criteria values - only numerals - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name / text - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name / text - only printable chars, no delimiter 'ex' => [FILTER_V_EQUAL, 'on', false], // also match subname 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'minle' => [FILTER_V_RANGE, [1, 99], false], // min quest level diff --git a/includes/types/sound.class.php b/includes/types/sound.class.php index a37fed20..db13c372 100644 --- a/includes/types/sound.class.php +++ b/includes/types/sound.class.php @@ -105,7 +105,7 @@ class SoundListFilter extends Filter { // fieldId => [checkType, checkValue[, fieldIsArray]] protected $inputFields = array( - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name - only printable chars, no delimiter + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name - only printable chars, no delimiter 'ty' => [FILTER_V_LIST, [[1, 4], 6, 9, 10, 12, 13, 14, 16, 17, [19, 23], [25, 31], 50, 52, 53], true ] // type ); diff --git a/includes/types/spell.class.php b/includes/types/spell.class.php index 03ee31f1..c518241f 100644 --- a/includes/types/spell.class.php +++ b/includes/types/spell.class.php @@ -2504,8 +2504,8 @@ class SpellListFilter extends Filter protected $inputFields = array( 'cr' => [FILTER_V_RANGE, [1, 116], true ], // criteria ids 'crs' => [FILTER_V_LIST, [FILTER_ENUM_NONE, FILTER_ENUM_ANY, [0, 99999]], true ], // criteria operators - 'crv' => [FILTER_V_REGEX, '/[\p{C};:]/ui', true ], // criteria values - only printable chars, no delimiters - 'na' => [FILTER_V_REGEX, '/[\p{C};]/ui', false], // name / text - only printable chars, no delimiter + 'crv' => [FILTER_V_REGEX, '/[\p{C};:%\\\\]/ui', true ], // criteria values - only printable chars, no delimiters + 'na' => [FILTER_V_REGEX, '/[\p{C};%\\\\]/ui', false], // name / text - only printable chars, no delimiter 'ex' => [FILTER_V_EQUAL, 'on', false], // extended name search 'ma' => [FILTER_V_EQUAL, 1, false], // match any / all filter 'minle' => [FILTER_V_RANGE, [1, 99], false], // spell level min diff --git a/pages/search.php b/pages/search.php index b9fa3074..1c50c0b2 100644 --- a/pages/search.php +++ b/pages/search.php @@ -53,8 +53,8 @@ class SearchPage extends GenericPage public function __construct($pageCall, $pageParam) { - $this->search = trim(urlDecode($pageParam)); - $this->query = strtr($this->search, '?*', '_%'); + $this->search = + $this->query = trim(urlDecode($pageParam)); // restricted access if ($this->reqUGroup && !User::isInGroup($this->reqUGroup)) @@ -124,23 +124,25 @@ private function tokenizeQuery() if (!$this->query) return; - foreach (explode(' ', $this->query) as $p) + foreach (explode(' ', $this->query) as $raw) { - if (!$p) // multiple spaces + $clean = str_replace(['\\', '%'], '', $raw); + + if (!$clean) // multiple spaces continue; - else if ($p[0] == '-') + else if ($clean[0] == '-') { - if (mb_strlen($p) < 4) - $this->invalid[] = mb_substr($p, 1); + if (mb_strlen($clean) < 4) + $this->invalid[] = mb_substr($raw, 1); else - $this->excluded[] = mb_substr($p, 1); + $this->excluded[] = mb_substr(str_replace('_', '\\_', $clean), 1); } - else if ($p !== '') + else if ($clean !== '') { - if (mb_strlen($p) < 3) - $this->invalid[] = $p; + if (mb_strlen($clean) < 3) + $this->invalid[] = $raw; else - $this->included[] = $p; + $this->included[] = str_replace('_', '\\_', $clean); } } } diff --git a/static/js/locale_dede.js b/static/js/locale_dede.js index 47820d90..667db5d7 100644 --- a/static/js/locale_dede.js +++ b/static/js/locale_dede.js @@ -2593,7 +2593,7 @@ var LANG = { user: "Benutzer", views: "Ansichten", userpage: "Benutzerseite", - wins: "Siegt", + wins: "Siege", when: "Wann", today: "heute", yes: "Ja",