From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Mon, 28 Jul 2008 21:11:49 +0000 (+0000)
Subject: Fixed: tokens not escaped in highlight_tokens regexp (#1702).
X-Git-Tag: 0.8.0-RC1~311
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b91bdf8798360aa913ac97167c4925f95faa3673;p=redmine.git

Fixed: tokens not escaped in highlight_tokens regexp (#1702).

git-svn-id: http://redmine.rubyforge.org/svn/trunk@1709 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/helpers/search_helper.rb b/app/helpers/search_helper.rb
index 92f2da8a5..cd96dbd3f 100644
--- a/app/helpers/search_helper.rb
+++ b/app/helpers/search_helper.rb
@@ -18,7 +18,8 @@
 module SearchHelper
   def highlight_tokens(text, tokens)
     return text unless text && tokens && !tokens.empty?
-    regexp = Regexp.new "(#{tokens.join('|')})", Regexp::IGNORECASE    
+    re_tokens = tokens.collect {|t| Regexp.escape(t)}
+    regexp = Regexp.new "(#{re_tokens.join('|')})", Regexp::IGNORECASE    
     result = ''
     text.split(regexp).each_with_index do |words, i|
       if result.length > 1200