litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-3298 Use SparqlQueryUtils.escapeForRegex() to properly handle special characters in the query term.

Browse source
This commit is contained in:
j2blake 2011-11-11 22:07:49 +00:00
parent 402f06beb6
commit 6d8494f7f6
3 changed files with 9 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/admin/ajax/ProfileAutoCompleter.java
View file

@ -30,6 +30,7 @@ import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.ajax.AbstractAjaxResponder;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
import edu.cornell.mannlib.vitro.webapp.utils.SparqlQueryUtils;
/**
* Get a list of Profiles with last names that begin with this search term, and
@ -122,9 +123,10 @@ class ProfileAutoCompleter extends AbstractAjaxResponder {
}
private String prepareQueryString() {
String cleanTerm = SparqlQueryUtils.escapeForRegex(term);
String queryString = QUERY_TEMPLATE
.replace("%matchingPropertyUri%", selfEditingIdMatchingProperty)
.replace("%searchTerm%", term)
.replace("%searchTerm%", cleanTerm)
.replace("%externalAuthId%", externalAuthId);
log.debug("Query string is '" + queryString + "'");
return queryString;

4
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ajax/BasicProfilesGetter.java
View file

@ -24,6 +24,7 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
import edu.cornell.mannlib.vitro.webapp.utils.ImageUtil;
import edu.cornell.mannlib.vitro.webapp.utils.SparqlQueryRunner;
import edu.cornell.mannlib.vitro.webapp.utils.SparqlQueryUtils;
/**
* Get the basic auto-complete info for the profile selection.
@ -68,8 +69,9 @@ public class BasicProfilesGetter extends AbstractAjaxResponder {
if (term.isEmpty()) {
return EMPTY_RESPONSE;
} else {
String cleanTerm = SparqlQueryUtils.escapeForRegex(term);
String queryStr = QUERY_BASIC_PROFILES.replace("%typesUnion%",
buildTypeClause()).replace("%term%", term);
buildTypeClause()).replace("%term%", cleanTerm);
JSONArray jsonArray = new SparqlQueryRunner<JSONArray>(fullModel,
new BasicProfileInfoParser()).executeQuery(queryStr);

4
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/accounts/manageproxies/ajax/BasicProxiesGetter.java
View file

@ -26,6 +26,7 @@ import edu.cornell.mannlib.vitro.webapp.dao.jena.ModelContext;
import edu.cornell.mannlib.vitro.webapp.dao.jena.OntModelSelector;
import edu.cornell.mannlib.vitro.webapp.utils.ImageUtil;
import edu.cornell.mannlib.vitro.webapp.utils.SparqlQueryRunner;
import edu.cornell.mannlib.vitro.webapp.utils.SparqlQueryUtils;
/**
* Get the basic auto-complete info for the proxy selection.
@ -73,7 +74,8 @@ public class BasicProxiesGetter extends AbstractAjaxResponder {
if (term.isEmpty()) {
return EMPTY_RESPONSE;
} else {
String queryStr = QUERY_BASIC_PROXIES.replace("%term%", term);
String cleanTerm = SparqlQueryUtils.escapeForRegex(term);
String queryStr = QUERY_BASIC_PROXIES.replace("%term%", cleanTerm);
JSONArray jsonArray = new SparqlQueryRunner<JSONArray>(
userAccountsModel, new BasicProxyInfoParser(