refactored tsquery sql to use rails escaping mechanisms

2013-03-07 16:34:12 -05:00
parent b7a5612c82
commit 2338f004eb
10 changed files with 23 additions and 21 deletions
--- a/app/models/artist.rb
+++ b/app/models/artist.rb
@@ -210,7 +210,7 @@ class Artist < ActiveRecord::Base
    end
    
    def other_names_match(string)
-      where("other_names_index @@ to_tsquery('danbooru', ?)", Artist.normalize_name(string))
+      where("other_names_index @@ to_tsquery('danbooru', E?)", Artist.normalize_name(string).to_escaped_for_tsquery)
    end
    
    def group_name_matches(name)
@@ -225,8 +225,8 @@ class Artist < ActiveRecord::Base
    
    def any_name_matches(name)
      stripped_name = normalize_name(name).to_escaped_for_sql_like
-      name_for_tsquery = normalize_name(name).gsub(/\(/, "\\(").gsub(/\)/, "\\)")
-      where("(name LIKE ? ESCAPE E'\\\\' OR other_names_index @@ to_tsquery('danbooru', ?))", stripped_name, name_for_tsquery)
+      name_for_tsquery = normalize_name(name).to_escaped_for_tsquery
+      where("(name LIKE ? ESCAPE E'\\\\' OR other_names_index @@ to_tsquery('danbooru', E?))", stripped_name, name_for_tsquery)
    end
    
    def search(params)