1. Janos SUTO Avatar Janos SUTO
  2. Piler
  3. piler
  4. Issues

query with / sign

Issue #1273 wontfix
Leszek Piatek created an issue

Trying to search: “https://facebook.com“

piler-searchd-1  | /* Wed Jan 18 16:21:08.676 2023 conn 831437 real 0.029 wall 0.029 found 0 */ SELECT id FROM piler1 WHERE MATCH(' https://facebook.com') ORDER BY sent DESC; /*error=index piler1: syntax error, unexpected '/' near '//' */

Searching escaped string works: “https:\\/\\/facebook.com“

piler-searchd-1  | /* Wed Jan 18 16:39:14.103 2023 conn 833620 real 0.001 wall 0.002 found 646 */ SELECT id FROM piler1 WHERE MATCH(' https:\\/\\/facebook.com') ORDER BY sent DESC;

Do we have more signs to escape?

Do you have idea how to fix it or it’s a feature? :)

Comments (15)

  3. Janos SUTO repo owner

    The parser splits the URLs, see it with pilertest. How about simply 

     body: facebook.com

    or more precisely:

    body: __URL__facebookXcom

  4. Leszek Piatek reporter

    But You can type / into search box and there is no error displayed or any escaping done before sending query to sphinx/manticore . Isn’t this a issue? Try to search any url with path or just any string with / in it. I think we should escape query before sending it to searchd…

    On UI side there is error 500 in console log and no results are returned.

  5. Janos SUTO repo owner

    The slash (/) character is a separator. If you carefully check the pilertest output I don’t think you can find any / characters in it. Thus manticore doesn’t even see anything having (/). Therefore you won’t find anything if searching for (/). Btw. as you can see, manticore doesn’t even like the slash character in the query.

  7. Janos SUTO repo owner

    You shouldn’t use any special characters that are not meant to instruct manticore like somewo* or “some phrase” or any operators. The tokens that are indexed are sanitized and special characters are removed.

  8. Leszek Piatek reporter

    What do You think about escaping / in query before sending it to manticore like `$query = str_replace('/', '\\/', $query);` ?

  9. Janos SUTO repo owner

    I still don’t understand your obsession about the slash (/). I told you before: the slash character is not in the text that is sent to be indexed by manticore. Thus no matter if you escape it or not all queries containing the slash will fail.

  10. Leszek Piatek reporter

    Janos excactly, all queries will fail and me as an end user do not know why? Do You think error 500 is ok?

    slash is used widely in URL’s so its quite common input as a query some, path etc?

    PS: I’m searching HTTPS not HTTP maybe this is the case that You are not understand because it’s not translated to __URL__facebookXcom ?

    piler-searchd-1 | / Tue Jan 24 20:47:55.108 2023 conn 1898744 real 0.000 wall 0.000 found 0 */ SELECT id FROM piler1 WHERE MATCH(' https://facebook.com')) ORDER BY sent DESC; /*error=index piler1: syntax error, unexpected '/' near '//facebook.com' */

  14. Leszek Piatek reporter

    Janos but this is a bug, piler is not informing end user about error in his input query, there should be information that / is forbidden or more general error if there is 500 returned from search-helper.php - something is wrong with your query, please make sure your query do not contain / or eny other forbidden character?

    Why excactly You don’t want to escape query before parsing and sending it to manticore?

  16. Log in to comment
Assignee
Type
bug
Priority
major
Status
wontfix
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!