Merge pull request #359 from hotwax/358_facility_filter_enhancement

Improved: Escaped special characters while building facility filter in Solr search query (358).
hotwax · Nov 23, 2023 · 91bad3c · 91bad3c
2 parents 8c4598e + 4aac409
commit 91bad3c
Showing 1 changed file with 12 additions and 3 deletions.
diff --git a/src/utils/solrHelper.ts b/src/utils/solrHelper.ts
@@ -33,9 +33,10 @@ const prepareOrderQuery = (params: any) => {
 
       if (Array.isArray(filterValue)) {
         const filterOperator = params.filters[key].op ? params.filters[key].op : 'OR' ;
-        payload.json.filter += ` AND ${key}: (${filterValue.join(' ' + filterOperator + ' ')})`
+        const escapedFilterValues = filterValue.map(value => escapeSolrSpecialChars(value));
+        payload.json.filter += ` AND ${key}: (${escapedFilterValues.join(' ' + filterOperator + ' ')})`
       } else {
-        payload.json.filter += ` AND ${key}: ${filterValue}`
+        payload.json.filter += ` AND ${key}: ${escapeSolrSpecialChars(filterValue)}`
       }
     })
   }
@@ -47,4 +48,12 @@ const prepareOrderQuery = (params: any) => {
   return payload
 }
 
-export { prepareOrderQuery }
+const escapeSolrSpecialChars = (input: any) => {
+  const specialChars = ['\\', '+', '-', '&&', '||', '!', '(', ')', '{', '}', '[', ']', '^', '"', '~', '*', '?', ':'];
+
+  // Escape each special character in the input
+  const escapedInput = String(input).replace(new RegExp(`[${specialChars.join('\\')}]`, 'g'), '\\$&');
+  return escapedInput;
+}
+
+export { escapeSolrSpecialChars, prepareOrderQuery }