Dockery/Trilium
1
0
Fork 0
mirror of https://github.com/zadam/trilium.git synced 2025-11-02 19:36:12 +01:00
Code Issues Packages Projects Releases Activity

fixed saved search

Browse Source
This commit is contained in:
zadam
2019-02-15 21:21:26 +01:00
parent f140b77e7c
commit 96de2e7008
5 changed files with 95 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/routes/api/search.js
View File

@@ -1,6 +1,7 @@
"use strict";
const sql = require('../../services/sql');
const utils = require('../../services/utils');
const noteService = require('../../services/notes');
const noteCacheService = require('../../services/note_cache');
const parseFilters = require('../../services/parse_filters');
@@ -55,15 +56,18 @@ async function getFullTextResults(searchText) {
const tokenSql = ["1=1"];
for (const token of tokens) {
// FIXME: escape token!
tokenSql.push(`(title LIKE '%${token}%' OR content LIKE '%${token}%')`);
const safeToken = utils.sanitizeSql(token);
tokenSql.push(`(title LIKE '%${safeToken}%' OR content LIKE '%${safeToken}%')`);
}
const noteIds = await sql.getColumn(`
SELECT DISTINCT noteId
FROM notes
FROM
notes
JOIN note_contents USING(noteId)
WHERE isDeleted = 0
AND isProtected = 0
AND notes.isProtected = 0
AND type IN ('text', 'code')
AND ${tokenSql.join(' AND ')}`);