Are you enjoying the extensions? Did you like the support? Help others decide.

Leave a review

file search bug

More
10 years 3 months ago #3699 by dhumphris
search bug was created by dhumphris
Hi,

I'm using Joomla! 3.3.3.
Database version: 5.1.73
PHP Version: 5.4.26

I came across a bug today - when searching contacts matching a string, the results return contacts that are not published. The following query is what is created:

SELECT cd.id, cd.catid, trim(cd.name) AS name, cd.sortname1, cc.lft as c_order, cd.user_id, cd.featured, cc.title AS category, cd.params, cd.image, CASE WHEN CHAR_LENGTH(cd.alias) THEN CONCAT_WS(':', cd.id, cd.alias) ELSE cd.id END AS slug, CASE WHEN CHAR_LENGTH(cc.alias) THEN CONCAT_WS(':', cc.id, cc.alias) ELSE cc.id END AS catslug, trim(cd.email_to) AS field1, 'email_to' AS fieldname1, 'empty' AS field2, 'empty' AS fieldname2, trim(cd.suburb) AS field3, 'suburb' AS fieldname3, trim(cd.con_position) AS field4, 'con_position' AS fieldname4, trim(cd.state) AS field5, 'state' AS fieldname5, trim(cd.telephone) AS field6, 'telephone' AS fieldname6, trim(cd.email_to) AS fieldl1, 'email_to' AS fieldnamel1 FROM capture_contact_details AS cd INNER JOIN capture_categories AS cc ON cd.catid = cc.id WHERE cd.name LIKE "%stan%" OR cd.email_to LIKE "%stan%" OR cd.suburb LIKE "%stan%" OR cd.con_position LIKE "%stan%" OR cd.state LIKE "%stan%" AND cd.access IN (1,1,5) AND cc.access IN (1,1,5) AND cd.published = 1 AND (cd.publish_up = '0000-00-00 00:00:00' OR cd.publish_up <= '2014-07-28 09:38:42') AND (cd.publish_down = '0000-00-00 00:00:00' OR cd.publish_down >= '2014-07-28 09:38:42') AND cd.featured = 0 ORDER BY cc.lft ASC,cd.ordering ASC

Note that is returns contacts which are not published. However when I stick the search terms inside brackets like this:

SELECT cd.id, cd.published, cd.catid, trim(cd.name) AS name, cd.sortname1, cc.lft as c_order, cd.user_id, cd.featured, cc.title AS category, cd.params, cd.image, CASE WHEN CHAR_LENGTH(cd.alias) THEN CONCAT_WS(':', cd.id, cd.alias) ELSE cd.id END AS slug, CASE WHEN CHAR_LENGTH(cc.alias) THEN CONCAT_WS(':', cc.id, cc.alias) ELSE cc.id END AS catslug, trim(cd.email_to) AS field1, 'email_to' AS fieldname1, 'empty' AS field2, 'empty' AS fieldname2, trim(cd.suburb) AS field3, 'suburb' AS fieldname3, trim(cd.con_position) AS field4, 'con_position' AS fieldname4, trim(cd.state) AS field5, 'state' AS fieldname5, trim(cd.telephone) AS field6, 'telephone' AS fieldname6, trim(cd.email_to) AS fieldl1, 'email_to' AS fieldnamel1 FROM capture_contact_details AS cd INNER JOIN capture_categories AS cc ON cd.catid = cc.id WHERE (cd.name LIKE "%stan%" OR cd.email_to LIKE "%stan%" OR cd.suburb LIKE "%stan%" OR cd.con_position LIKE "%stan%" OR cd.state LIKE "%stan%") AND cd.access IN (1,1,5) AND cc.access IN (1,1,5) AND cd.published = 1 AND (cd.publish_up = '0000-00-00 00:00:00' OR cd.publish_up <= '2014-07-28 09:38:42') AND (cd.publish_down = '0000-00-00 00:00:00' OR cd.publish_down >= '2014-07-28 09:38:42') AND cd.featured = 0 ORDER BY cc.lft ASC,cd.ordering ASC

the query returns correctly.

Therefore I have edited models/trombinoscopeextended.php like this:

Line 457 -> add the open bracket into the SQL:
$querywhere = '(cd.name LIKE "%'.$searchtecontact.'%"';

Add a new line after line 497 to close the bracket:
$querywhere .= ')';


Cheers, Douglas

Please Log in or Create an account to join the conversation.

More
10 years 3 months ago #3700 by admin
Replied by admin on topic search bug
Thank you Douglas,

I will take a close look. Thank you for sharing your find!
The fix will be included in the next update.
I do appreciate your help.

Olivier.

Please Log in or Create an account to join the conversation.

More
10 years 3 months ago #3701 by dhumphris
Replied by dhumphris on topic search bug
You're welcome. However it's just occurred to me that my fix might break the code when searching by category only. I haven't tested this because I am not allowing category filtering on my site.

Douglas

Please Log in or Create an account to join the conversation.

More
10 years 3 months ago #3702 by admin
Replied by admin on topic search bug
Thank you Douglas!

Olivier.

Please Log in or Create an account to join the conversation.