lib/data_table/mongoid.rb in data_table-0.3.3 vs lib/data_table/mongoid.rb in data_table-0.3.4
- old
+ new
@@ -11,14 +11,16 @@
def _matching_count params, search_fields
self.where(_where_conditions params[:sSearch], search_fields).count
end
def _where_conditions raw_query, search_fields
- return if (query = raw_query.gsub(/\//, "")).blank?
+ query = _sanitize raw_query
+ ::Rails.logger.info "#{raw_query.inspect} => #{query.inspect}"
+ return if (query = _sanitize raw_query).blank?
if search_fields.size == 1
- terms = query.strip.split(/\s+/)
+ terms = query.split(/\s+/)
if terms.size == 1
{search_fields.first => /#{terms.first}/i}
else
{search_fields.first => {"$all" => terms.map {|term| /#{term}/i }}}
@@ -28,9 +30,13 @@
end
end
def _order_by_fields params, fields
[fields[params[:iSortCol_0].to_i], params[:sSortDir_0]]
+ end
+
+ def _sanitize string
+ string.strip.gsub(/([\/\.\+\*\[\]\(\)])/) { "\\#{$1}" }
end
end
end
end