From 51b2592f671e7718ebbed2ec80dcd709ec7bc8d3 Mon Sep 17 00:00:00 2001 From: Martin Georgiev Date: Tue, 21 Nov 2017 17:58:06 +0000 Subject: [PATCH 1/4] Remove "<" and ">" as they cannot be escaped --- lib/Elastica/Util.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/lib/Elastica/Util.php b/lib/Elastica/Util.php index 518116e691..be27e4199b 100644 --- a/lib/Elastica/Util.php +++ b/lib/Elastica/Util.php @@ -106,11 +106,19 @@ public static function escapeTerm($term) { $result = $term; // \ escaping has to be first, otherwise escaped later once again - $chars = ['\\', '+', '-', '&&', '||', '!', '(', ')', '{', '}', '[', ']', '^', '"', '~', '*', '?', ':', '/', '<', '>']; + $escapableChars = ['\\', '+', '-', '&&', '||', '!', '(', ')', '{', '}', '[', ']', '^', '"', '~', '*', '?', ':', '/']; - foreach ($chars as $char) { + foreach ($escapableChars as $char) { $result = str_replace($char, '\\'.$char, $result); } + + // < and > cannot be escaped, so they should be removed + // @see https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html#_reserved_characters + $nonEscapableChars = ['<', '>']; + + foreach ($nonEscapableChars as $char) { + $result = str_replace($char, '', $result); + } return $result; } From 10bb1e34d20be0fc00c61264cc592c83e6eaa185 Mon Sep 17 00:00:00 2001 From: Martin Georgiev Date: Tue, 21 Nov 2017 18:38:44 +0000 Subject: [PATCH 2/4] Update unit test --- test/Elastica/UtilTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/Elastica/UtilTest.php b/test/Elastica/UtilTest.php index 97996b935d..fc52ad0079 100644 --- a/test/Elastica/UtilTest.php +++ b/test/Elastica/UtilTest.php @@ -109,7 +109,7 @@ public function getReplaceBooleanWordsPairs() public function testEscapeTermSpecialCharacters() { $before = '\\+-&&||!(){}[]^"~*?:/<>'; - $after = '\\\\\\+\\-\\&&\\||\\!\\(\\)\\{\\}\\[\\]\\^\\"\\~\\*\\?\\:\\/\<\>'; + $after = '\\\\\\+\\-\\&&\\||\\!\\(\\)\\{\\}\\[\\]\\^\\"\\~\\*\\?\\:\\/'; $this->assertEquals(Util::escapeTerm($before), $after); } From 12c2213175c1cf5f4a86bf522b4c61e44c24f371 Mon Sep 17 00:00:00 2001 From: Martin Georgiev Date: Wed, 22 Nov 2017 12:12:16 +0000 Subject: [PATCH 3/4] Update CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fbfeadfa11..cc079a3c83 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,7 @@ All notable changes to this project will be documented in this file based on the ### Backward Compatibility Breaks ### Bugfixes +- Characters "<" and ">" will be removed when a query term is passed to [`Util::escapeTerm`](https://github.com/ruflin/Elastica/pull/1415/files). Since v5.1 the [documentation](https://www.elastic.co/guide/en/elasticsearch/reference/5.1/query-dsl-query-string-query.html#_reserved_characters) states that these symbols cannot be escaped ever. ### Added From 9fa9fa1c0c6bc05c290d0533aba544fdf65f4c86 Mon Sep 17 00:00:00 2001 From: Martin Georgiev Date: Wed, 29 Nov 2017 00:32:24 +0000 Subject: [PATCH 4/4] Update method description --- lib/Elastica/Util.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/Elastica/Util.php b/lib/Elastica/Util.php index be27e4199b..6e5044634e 100644 --- a/lib/Elastica/Util.php +++ b/lib/Elastica/Util.php @@ -72,12 +72,12 @@ public static function escapeDateMath($requestUri) } /** - * Replace the following reserved words: AND OR NOT + * Replace known reserved words (e.g. AND OR NOT) * and - * escapes the following terms: + - && || ! ( ) { } [ ] ^ " ~ * ? : \. + * escape known special characters (e.g. + - && || ! ( ) { } [ ] ^ " ~ * ? : etc.) * - * @link http://lucene.apache.org/java/2_4_0/queryparsersyntax.html#Boolean%20operators - * @link http://lucene.apache.org/java/2_4_0/queryparsersyntax.html#Escaping%20Special%20Characters + * @link https://www.elastic.co/guide/en/elasticsearch/reference/5.1/query-dsl-query-string-query.html#_boolean_operators + * @link https://www.elastic.co/guide/en/elasticsearch/reference/5.1/query-dsl-query-string-query.html#_reserved_characters * * @param string $term Query term to replace and escape *