Message of the day:
Security release 4.4.4 is out. Changelog: https://github.com/silverstripe/silverstripe-framework/blob/4/docs/en/04_Changelogs/4.4.4.md
SilverStripe 4 related information and questions.
But I feel like perhaps your understanding of paramaterised queries might be a little different from what they actually do.
I don't want to give you bad advice, so please check anything I suggest.
Neat, thanks for context.
This works successfully and returns search queries per locale. It's just translating some of the variables into params to pass to the prepared query that breaks it for some reason.
Sorry, that's not the full query. It's here for greater reference. https://github.com/taoceanz/silverstripe-fluent/blob/feature/ss4-core-search-extension/src/Extension/FluentSearchFormExtension.php#L65
SELECT DISTINCT SiteTree_Live.ID, SiteTree_Live.Title, MATCH (SiteTree_Live.Title, SiteTree_Live.MenuTitle, SiteTree_Live.Content, SiteTree_Live.MetaDescription) AGAINST ('Search') AS Relevance is fine?
I'm changing it as Damian suggested it's more secure as a parameterised query. This is the PR for more info: https://github.com/tractorcow-farm/silverstripe-fluent/pull/547
Add search extension to enable using SS Core search functionality with Fluent.Hide attachment content