From e924e2ece4512233fa5ad020fecce25307c715a2 Mon Sep 17 00:00:00 2001 From: Bibiko Date: Mon, 28 Sep 2009 13:58:30 +0000 Subject: =?UTF-8?q?=E2=80=A2=20improved=20and=20fixes=20escaping=20of=20fi?= =?UTF-8?q?lter=20arguments=20-=20'is=20(not)'=20and=20'contains=20(not)'?= =?UTF-8?q?=20are=20now=20defined=20as:=20take=20the=20argument=20literall?= =?UTF-8?q?y,=20ie=20%=20and=20=5F=20will=20be=20escaped=20automatically?= =?UTF-8?q?=20-=20in=20string=20fields=20one=20can=20look=20for=20\n=20,?= =?UTF-8?q?=20\r=20,=20\t=20-=20added=20LIKE=20and=20NOT=20LIKE=20operator?= =?UTF-8?q?s=20to=20strings=20to=20be=20more=20transparent=20-=20a=20routi?= =?UTF-8?q?ne=20detects=20automatically=20whether=20a=20placeholder=20was?= =?UTF-8?q?=20wrapped=20into=20'=20or=20"=20and=20if=20so=20'=20or=20"=20w?= =?UTF-8?q?ill=20be=20escaped?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Source/TableContent.h | 2 ++ Source/TableContent.m | 34 +++++++++++++++++++++++++++++++--- 2 files changed, 33 insertions(+), 3 deletions(-) (limited to 'Source') diff --git a/Source/TableContent.h b/Source/TableContent.h index a498189b..0993110a 100644 --- a/Source/TableContent.h +++ b/Source/TableContent.h @@ -129,4 +129,6 @@ - (void) storeCurrentDetailsForRestoration; - (void) clearDetailsToRestore; +- (NSString *)escapeFilterArgument:(NSString *)argument againstClause:(NSString *)clause; + @end diff --git a/Source/TableContent.m b/Source/TableContent.m index ed9cf237..ccf26181 100644 --- a/Source/TableContent.m +++ b/Source/TableContent.m @@ -568,7 +568,7 @@ [clause setString:[filter objectForKey:@"Clause"]]; // Escape % sign - [clause replaceOccurrencesOfRegex:@"%"withString:@"%%"]; + [clause replaceOccurrencesOfRegex:@"%" withString:@"%%"]; [clause flushCachedRegexData]; // Replace placeholder ${} by %@ @@ -597,11 +597,13 @@ if (numberOfArguments == 2) { filterString = [NSString stringWithFormat:@"%@ %@", [[fieldField titleOfSelectedItem] backtickQuotedString], - [NSString stringWithFormat:clause, firstBetweenArgument, secondBetweenArgument]]; + [NSString stringWithFormat:clause, + [self escapeFilterArgument:firstBetweenArgument againstClause:clause], + [self escapeFilterArgument:secondBetweenArgument againstClause:clause]]]; } else if (numberOfArguments == 1) { filterString = [NSString stringWithFormat:@"%@ %@", [[fieldField titleOfSelectedItem] backtickQuotedString], - [NSString stringWithFormat:clause, argument]]; + [NSString stringWithFormat:clause, [self escapeFilterArgument:argument againstClause:clause]]]; } else { filterString = [NSString stringWithFormat:@"%@ %@", [[fieldField titleOfSelectedItem] backtickQuotedString], @@ -621,6 +623,32 @@ return filterString; } +- (NSString *)escapeFilterArgument:(NSString *)argument againstClause:(NSString *)clause +{ + + NSMutableString *arg = [[NSMutableString alloc] init]; + [arg setString:argument]; + + [arg replaceOccurrencesOfRegex:@"(\\\\)(?![nrt])" withString:@"\\\\\\\\\\\\\\\\"]; + [arg flushCachedRegexData]; + [arg replaceOccurrencesOfRegex:@"(\\\\)(?=[nrt])" withString:@"\\\\\\"]; + [arg flushCachedRegexData]; + + // Get quote sign for escaping - this should work for 99% of all cases + NSString *quoteSign = [clause stringByMatching:@"([\"'])[^\\1]*?%@[^\\1]*?\\1" capture:1L]; + // Esape argument + if(quoteSign != nil && [quoteSign length] == 1) { + [arg replaceOccurrencesOfRegex:[NSString stringWithFormat:@"(%@)", quoteSign] withString:@"\\\\$1"]; + [arg flushCachedRegexData]; + } + if([clause isMatchedByRegex:@"(?i)\\blike\\b.*?%(?!@)"]) { + NSLog(@"asdas", _cmd); + [arg replaceOccurrencesOfRegex:@"([_%])" withString:@"\\\\$1"]; + [arg flushCachedRegexData]; + } + return [arg autorelease]; +} + /* * Update the table count/selection text */ -- cgit v1.2.3