/**
 * Exercises both error modes of the Lucene query parser against one malformed
 * range query (it opens with "[" and closes with "}").
 *
 * - Suppression on (asserted as the starting state): parsing does not throw,
 *   and the result stringifies to the plain terms "contents business to by".
 * - Suppression off: parsing throws Zend_Search_Lucene_Exception with the
 *   message "Syntax error at char position 25.".
 *
 * The suppression switch is static parser state. It is switched back on at
 * the end of the test, but only if every earlier assertion passed.
 */
public function testQueryParserExceptionsHandling()
{
    $malformedRange = 'contents:[business TO by}';

    // Mode 1: exceptions suppressed, the parser must swallow the syntax error.
    $this->assertTrue(Zend_Search_Lucene_Search_QueryParser::queryParsingExceptionsSuppressed());

    try {
        $query = Zend_Search_Lucene_Search_QueryParser::parse($malformedRange);
    } catch (Zend_Search_Lucene_Exception $unexpected) {
        $this->fail('exception raised while parsing a query');
    }

    $this->assertEquals('contents business to by', $query->__toString());

    // Mode 2: exceptions enabled, the same input must be rejected.
    Zend_Search_Lucene_Search_QueryParser::dontSuppressQueryParsingExceptions();
    $this->assertFalse(Zend_Search_Lucene_Search_QueryParser::queryParsingExceptionsSuppressed());

    try {
        $query = Zend_Search_Lucene_Search_QueryParser::parse($malformedRange);
        $this->fail('exception wasn\'t raised while parsing a query');
    } catch (Zend_Search_Lucene_Exception $syntaxError) {
        $this->assertEquals('Syntax error at char position 25.', $syntaxError->getMessage());
    }

    // Put the static switch back so later tests see the starting state again.
    Zend_Search_Lucene_Search_QueryParser::suppressQueryParsingExceptions();
    $this->assertTrue(Zend_Search_Lucene_Search_QueryParser::queryParsingExceptionsSuppressed());
}
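/**
 * Tutorial search action: free-text search plus facet filters, backed by
 * Zend_Search_Lucene.
 *
 * Request handling, in order:
 *  - POSTed form data ($this->data['Tutorial']) is turned into named params
 *    by redirecting to the equivalent URL.
 *  - With no named params other than "page", the published tutorials that are
 *    in the index are listed, ordered by title.
 *  - Otherwise a Lucene query is built from the "term" param (parsed as Lucene
 *    query syntax) and the pipe-separated facet params "learning_goal",
 *    "resource_type" and "keyword", each value added as a required term.
 *
 * Input handling:
 *  - "term" reaches the Lucene query parser unmodified. It is parsed with
 *    exception suppression switched off, so a malformed query is rejected
 *    here instead of being silently reinterpreted.
 *  - Facet values are validated before they become index terms. The keyword
 *    pattern is anchored so the whole value must match, not just a fragment.
 *
 * NOTE(review): a syntactically valid term can still be costly to evaluate
 * (wildcard, fuzzy and range clauses). This action sets no limit on that;
 * confirm it is bounded elsewhere.
 */
function search() {
    if (!empty($this->data['Tutorial'])) {
        // convert POST to Cake named params (it's prettier than GET)
        // NOTE(review): the posted keys are merged into the route array unfiltered,
        // so the form can supply any route key. Consider keeping only the search
        // fields this action reads (term, learning_goal, resource_type, keyword).
        $this->redirect(array_merge($this->params['named'], $this->data['Tutorial']));
    }

    // default to boolean AND searching
    Zend_Search_Lucene_Search_QueryParser::setDefaultOperator(Zend_Search_Lucene_Search_QueryParser::B_AND);

    // Flash text shared by both failure paths (the line break is part of the message).
    $invalid_query_message = "We're not sure what you mean. \nAre your search terms correct?";
    $query = '';

    // Are there any parameters besides page?
    $named_params = array_diff_key($this->params['named'], array('page' => ''));
    if (!empty($named_params)) {
        // Always defined from here on. Previously an empty "term" param left
        // $parsed_query unset and the code below dereferenced it.
        $parsed_query = null;

        if (isset($this->params['named']['term'])) {
            // The term is deliberately not run through Sanitize::paranoid(): Lucene
            // query syntax needs characters such as " : ? * ~ [ ] { } ^ + - ( ) & | !
            // Validation is done by the parser itself, with suppression disabled.
            $query = $this->params['named']['term'];
            if (!empty($query)) {
                // Intercept invalid queries
                try {
                    Zend_Search_Lucene_Search_QueryParser::dontSuppressQueryParsingExceptions();
                    $parsed_query = Zend_Search_Lucene_Search_QueryParser::parse($query);
                } catch (Zend_Search_Lucene_Exception $e) {
                    // Why can't I catch Zend_Search_Lucene_Search_QueryParserException?
                    $this->Session->setFlash($invalid_query_message);

                    // Retry with the term reduced to alphanumerics and spaces. If that
                    // leaves the term unchanged (or empty), retrying would fail the same
                    // way and redirect forever, so fall back to the plain listing.
                    $retry_url = array('action' => 'search');
                    $clean_term = Sanitize::paranoid($query, array(' '));
                    if ($clean_term !== '' && $clean_term !== $query) {
                        $retry_url['term'] = $clean_term;
                    }
                    $this->redirect($retry_url);
                    return; // never continue with an unparsed query
                }
            }
        }

        if ($parsed_query === null) {
            // No usable term: start from an empty boolean query and let the facets fill it.
            $parsed_query = new Zend_Search_Lucene_Search_Query_Boolean();
        }

        try {
            // Same handling for every facet: split on "|", validate, add as a required term.
            // NOTE(review): addSubquery() is called on whatever the parser returned;
            // confirm parse() always yields a boolean query for a non-empty term.
            foreach (array('learning_goal', 'resource_type', 'keyword') as $facet) {
                if (!isset($this->params['named'][$facet])) {
                    continue;
                }
                foreach (explode('|', $this->params['named'][$facet]) as $facet_value) {
                    if ($facet === 'keyword') {
                        // valid UUID? Anchored with ^...$ and /D: the original unanchored
                        // pattern accepted any value containing one allowed character.
                        $is_valid = preg_match('/^[A-Za-z0-9-]+$/D', $facet_value) === 1;
                    } else {
                        $is_valid = is_numeric($facet_value);
                    }
                    if (!$is_valid) {
                        continue;
                    }
                    $facet_term = new Zend_Search_Lucene_Index_Term($facet_value, $facet);
                    $parsed_query->addSubquery(new Zend_Search_Lucene_Search_Query_Term($facet_term), true);
                }
            }
        } catch (Zend_Search_Lucene_Exception $e) {
            // Why can't I catch Zend_Search_Lucene_Search_QueryParserException?
            $this->Session->setFlash($invalid_query_message);

            // The term already parsed cleanly, so send it back under "term", the key
            // this action reads. The original used "query", which nothing here consumes.
            $retry_url = array('action' => 'search');
            if (!empty($query)) {
                $retry_url['term'] = $query;
            }
            $this->redirect($retry_url);
            return; // do not paginate a half-built query
        }

        $this->paginate['SearchIndex'] = array(
            'limit' => 10,
            'conditions' => array('query' => $parsed_query),
            'highlight' => true,
        );
        $this->set('tutorials', $this->paginate($this->Tutorial->SearchIndex));
    } else {
        $this->paginate = array(
            'published',
            'limit' => 10,
            'order' => 'Tutorial.title ASC',
            'conditions' => array('in_index' => true),
            'contain' => array('Tag'),
        );
        $this->set('tutorials', $this->paginate($this->Tutorial));
    }

    $this->layout = 'institution';

    $results_context = array('model' => '', 'key' => '', 'id' => 0, 'name' => '');
    $this->set(compact('results_context'));
    $this->set('learningGoals', $this->Tutorial->LearningGoal->find('list'));
    $this->set('resourceTypes', $this->Tutorial->ResourceType->find('list'));
}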