diff options
| author | Robin Appelman <robin@icewind.nl> | 2022-11-02 12:44:51 +0100 |
|---|---|---|
| committer | Robin Appelman <robin@icewind.nl> | 2022-11-02 12:44:51 +0100 |
| commit | f76b4473ee8ecb90181b300c648fabef76106cd8 (patch) | |
| tree | 86dc803dd4bcc8e93adbee96b1fc8bd4ff78fa71 /lib/private/Files/Search/QueryOptimizer | |
| parent | 91392c08d6d69d74431588a9f38cbf15ef41c937 (diff) | |
| download | nextcloud-server-f76b4473ee8ecb90181b300c648fabef76106cd8.tar.gz nextcloud-server-f76b4473ee8ecb90181b300c648fabef76106cd8.zip | |
escape path prefix when doing cache jail search
Signed-off-by: Robin Appelman <robin@icewind.nl>
Diffstat (limited to 'lib/private/Files/Search/QueryOptimizer')
| -rw-r--r-- | lib/private/Files/Search/QueryOptimizer/PathPrefixOptimizer.php | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/lib/private/Files/Search/QueryOptimizer/PathPrefixOptimizer.php b/lib/private/Files/Search/QueryOptimizer/PathPrefixOptimizer.php index eea4b430578..62182303ffd 100644 --- a/lib/private/Files/Search/QueryOptimizer/PathPrefixOptimizer.php +++ b/lib/private/Files/Search/QueryOptimizer/PathPrefixOptimizer.php @@ -23,15 +23,12 @@ declare(strict_types=1); namespace OC\Files\Search\QueryOptimizer; +use OC\Files\Search\SearchComparison; use OCP\Files\Search\ISearchBinaryOperator; use OCP\Files\Search\ISearchComparison; use OCP\Files\Search\ISearchOperator; class PathPrefixOptimizer extends QueryOptimizerStep { - public function escapeLikeParameter(string $param): string { - return addcslashes($param, '\\_%'); - } - public function processOperator(ISearchOperator &$operator) { // normally the `path = "$prefix"` search query part of the prefix filter would be generated as an `path_hash = md5($prefix)` sql query // since the `path_hash` sql column usually provides much faster querying that selecting on the `path` sql column @@ -43,11 +40,11 @@ class PathPrefixOptimizer extends QueryOptimizerStep { $b = $operator->getArguments()[1]; if ($a instanceof ISearchComparison && $b instanceof ISearchComparison && $a->getField() === 'path' && $b->getField() === 'path') { if ($a->getType() === ISearchComparison::COMPARE_LIKE_CASE_SENSITIVE && $b->getType() === ISearchComparison::COMPARE_EQUAL - && $a->getValue() === $this->escapeLikeParameter($b->getValue()) . '/%') { + && $a->getValue() === SearchComparison::escapeLikeParameter($b->getValue()) . '/%') { $b->setQueryHint(ISearchComparison::HINT_PATH_EQ_HASH, false); } if ($b->getType() === ISearchComparison::COMPARE_LIKE_CASE_SENSITIVE && $a->getType() === ISearchComparison::COMPARE_EQUAL - && $b->getValue() === $this->escapeLikeParameter($a->getValue()) . '/%') { + && $b->getValue() === SearchComparison::escapeLikeParameter($a->getValue()) . '/%') { $a->setQueryHint(ISearchComparison::HINT_PATH_EQ_HASH, false); } } |