Search by single quote doesn’t work

  • Resolved urosn

    (@urosn)


    3 years, 7 months ago

    We have several products with single quotes in the name/title. We would also like to include a quote in search field. When there is a quote inside search parameter, no results are returned. Any suggestion?

    Kind regards,
    Uros

    • This topic was modified 3 years, 7 months ago by urosn.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support jaysupport

    (@jaysupport)

    3 years, 7 months ago

    Hi Uros,

    Quotes in the search will not be possible. For security reasons, single and double quotes get sanitized/escaped in front-end user inputs. For the title, you are able to include them by using the appropriate HTML entity. For example, for a single quote, that would be:

    &sbquo ;

    But with no space before the semi-colon.

    • This reply was modified 3 years, 7 months ago by jaysupport.
    Thread Starter urosn

    (@urosn)

    3 years, 7 months ago

    Hi jaysupport,

    Thank you for the explanation.

    I’ve tried &laquo ; and &raquo ;, the only problem with this approach is that left and right quotes are not part of the keyboard keys and are not easily entered by the end users. Also when using &quot ; and &apos ; in the title field, search still doesn’t work as the problem is in the input field sanitation.

    I believe single and double quotes in front-end user inputs are not properly escaped. If I insert a single quote in search input, query string parameter prod_name has value %27. And if I change query string parameter to ‘ (https://www.arboretum.si/arboretum/herbarij/?prod_name=’), I get value \’ in input field.

    Kind regards,
    Uros

    Plugin Support jaysupport

    (@jaysupport)

    3 years, 7 months ago

    Hi Uros,

    I’m not sure I follow. What I meant was that you cannot use the quote, in any form, in the search. I was suggesting the entities only for the title, not for the search.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Search by single quote doesn’t work’ is closed to new replies.

Tags