Working on searching...

- Check default column names to avoid DB errors
- Prefix default column names with table name to avoid ambiguity
- Handle single words in quotes

etemplate/inc/class.so_sql.inc.php

@@ -1085,8 +1085,15 @@ class so_sql
 			if ($token[0]=='"')
 			{
 				$token = substr($token, 1,strlen($token));
+ 				if(substr($token, -1) != '"')
+				{
 					$token .= ' '.strtok('"');
 				}
+				else
+				{
+					$token = substr($token, 0, -1);
+				}
+			}
 
 			// prepend and append extra wildcard %, if pattern does NOT already contain wildcards
 			if (strpos($token,'*') === false && strpos($token,'?') === false)
@@ -1189,8 +1196,14 @@ class so_sql
 		// Skip some numeric columns that don't make sense to search if we have to default to all columns
 		if(is_null($this->columns_to_search))
 		{
-			foreach($search_cols as $key => $col)
+			foreach($search_cols as $key => &$col)
 			{
+				// If the name as given isn't a real column name, and adding the prefix doesn't help, skip it
+				if(!$this->table_def['fd'][$col] && !($col = $this->prefix.array_search($col, $search_cols))) {
+					// Can't search this column
+					unset($search_cols[$key]);
+					continue;
+				}
 				if(in_array($this->table_def['fd'][$col]['type'], $numeric_types)) 
 				{
 					foreach($skip_columns_with as $bad) 
@@ -1202,6 +1215,8 @@ class so_sql
 						}
 					}
 				}
+				// Prefix with table name to avoid ambiguity
+				$col = $this->table_name.'.'.$col;
 			}
 		}
 		return $search_cols;