View more context

 

taoceanz

I'm changing it as Damian suggested it's more secure as a parameterised query. This is the PR for more info: https://github.com/tractorcow-farm/silverstripe-fluent/pull/547

Show 1 attachment(s)
nightjarnz

SELECT DISTINCT SiteTree_Live.ID, SiteTree_Live.Title, MATCH (SiteTree_Live.Title, SiteTree_Live.MenuTitle, SiteTree_Live.Content, SiteTree_Live.MetaDescription) AGAINST ('Search') AS Relevance is fine?

taoceanz

Sorry, that's not the full query. It's here for greater reference. https://github.com/taoceanz/silverstripe-fluent/blob/feature/ss4-core-search-extension/src/Extension/FluentSearchFormExtension.php#L65

Show 1 attachment(s)
GitHub  
taoceanz/silverstripe-fluent

Multi-language translate module for Silverstripe, without having to manage separate site trees. - taoceanz/silverstripe-fluent

Hide attachment content
taoceanz

This works successfully and returns search queries per locale. It's just translating some of the variables into params to pass to the prepared query that breaks it for some reason.

nightjarnz

I don't want to give you bad advice, so please check anything I suggest.

nightjarnz

But I feel like perhaps your understanding of paramaterised queries might be a little different from what they actually do.

nightjarnz

it's not simple string replacement, to my knowledge (such as in PHP there, putting vars in a string), rather (again, my knowledge is also limited) I believe they're for values I'm not sure you can do what you're trying to achieve here with the tables as a parameter.