From 349746bcef100765c6998124db08bcd0efa43db8 Mon Sep 17 00:00:00 2001 From: Arjay Angeles Date: Thu, 17 Nov 2022 14:59:32 +0800 Subject: [PATCH 1/4] fix: encode search keyword Fix #2901 --- src/Utilities/Request.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Utilities/Request.php b/src/Utilities/Request.php index fbbc6577..14957ec3 100644 --- a/src/Utilities/Request.php +++ b/src/Utilities/Request.php @@ -194,10 +194,10 @@ public function columnKeyword(int $index): string protected function prepareKeyword(float|array|int|string $keyword): string { if (is_array($keyword)) { - return implode(' ', $keyword); + $keyword = implode(' ', $keyword); } - return (string) $keyword; + return e((string) $keyword); } /** From a833a2c7c5d58f8b519f79c0bbefa313c476e69b Mon Sep 17 00:00:00 2001 From: Arjay Angeles Date: Thu, 17 Nov 2022 17:29:53 +0800 Subject: [PATCH 2/4] test: encoded search keyword --- tests/Integration/QueryDataTableTest.php | 25 ++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/tests/Integration/QueryDataTableTest.php b/tests/Integration/QueryDataTableTest.php index e3e20ccb..588d03dd 100644 --- a/tests/Integration/QueryDataTableTest.php +++ b/tests/Integration/QueryDataTableTest.php @@ -80,6 +80,31 @@ public function it_can_perform_global_search() ]); } + /** @test */ + public function it_can_perform_global_search_with_html_string() + { + User::create([ + 'name' => e('Record & 21'), + 'email' => 'Email-21@example.com', + ]); + + $this->assertEquals('Record & 21', User::find(21)->name); + + $crawler = $this->call('GET', '/query/users', [ + 'columns' => [ + ['data' => 'name', 'name' => 'name', 'searchable' => 'true', 'orderable' => 'true'], + ['data' => 'email', 'name' => 'email', 'searchable' => 'true', 'orderable' => 'true'], + ], + 'search' => ['value' => 'Record & 21'], + ]); + + $crawler->assertJson([ + 'draw' => 0, + 'recordsTotal' => 21, + 'recordsFiltered' => 1, + ]); + } + /** @test */ public function it_can_skip_total_records_count_query() { From 5667af8bf483ee0c689c9a75dbbca274c9959827 Mon Sep 17 00:00:00 2001 From: Arjay Angeles Date: Tue, 22 Nov 2022 09:35:35 +0800 Subject: [PATCH 3/4] refactor: no need to cast as string Co-authored-by: Mathieu FERRE --- src/Utilities/Request.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Utilities/Request.php b/src/Utilities/Request.php index 14957ec3..da3232c9 100644 --- a/src/Utilities/Request.php +++ b/src/Utilities/Request.php @@ -197,7 +197,7 @@ protected function prepareKeyword(float|array|int|string $keyword): string $keyword = implode(' ', $keyword); } - return e((string) $keyword); + return e($keyword); } /** From d2ab963ba0b7635298212bcff70843021170d528 Mon Sep 17 00:00:00 2001 From: Arjay Angeles Date: Tue, 22 Nov 2022 09:38:00 +0800 Subject: [PATCH 4/4] revert: "refactor: no need to cast as string" This reverts commit 077d2e89d659562363a8ea857b6118458c27d448. --- src/Utilities/Request.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Utilities/Request.php b/src/Utilities/Request.php index da3232c9..14957ec3 100644 --- a/src/Utilities/Request.php +++ b/src/Utilities/Request.php @@ -197,7 +197,7 @@ protected function prepareKeyword(float|array|int|string $keyword): string $keyword = implode(' ', $keyword); } - return e($keyword); + return e((string) $keyword); } /**