- # has special meaning in url and is intern always urlencoded as %23
- ? has special meaning in url and is intern always urlencoded as %3F
- % need to be urlencoded as %25, as it's the escape char in urlencoding
(it has not been stored urlencoded in sqlfs so far, there's some
workaround in filemanger_ui to deal with the old unencoded % chars)
- space and + are NOT urlencoded in sqlfs in the DB, they get urlencoded
only for download urls
- " get urlencoded for download urls only as it messes up the html
markup
--> Filenames get urldecoded, before displayed to user
- done manually eg. in messages
- done automatically in new vfs-name widget (both ways)
button names: eg. "delete[$row_cont[path]]" with path containing " or '
- they need to get quoted for correct html markup
- etemplate_request::set_to_process() need to use unquoted version, as
this is how it get returned in $_POST
- correctly quote quotes in parameters of javascript functions used
eg. as eventhandlers, eg. onchange="do_something('$cont[name]');"
--> if $cont[name] is an array: do_something([ 'val1', 'val2' ]) is used
- correctly quote & in get parameters of url's
- If app doesn't specify columns to search, all columns except numerics with '_id', 'modified', 'modifier', 'status', 'cat_id', 'owner' will be considered
- Numeric columns will be searched only if the search string contains a numeric token. 'maintenance 50' is ok to search for, but for numeric columns only 50 will be searched.
- Numeric columns are searched using equality, unless user puts in a wildcard. Searching for 50 will only match 50, not 150 or 1950/04/10, but *50 will match 150.
- Text columns are searched using LIKE, including numeric search terms, as before.
- All words are trimmed
- Double quotes require the exact phrase ("Nathan Gray" will not match Nathan Brown or Gray Power)
- Modifiers + and - before a word will require or exclude the word (+test -fail), otherwise word is ORed
- User language modifiers AND, OR and NOT (uppercase) will be parsed.
- Combinations: tracker entry -testing -"fatal error"
Note that "entry" will not match "entries", and the results are not sorted by match strength.
All applications that use so_sql for searching should gain these benefits.
