1
我遇到了全文搜索查询的问题。它是从Symfony(2.8)控制器的内部发送的,如果这很重要的话。代码是:Symfony/MySQL:特殊字符的全文搜索语法错误
// not processed text (apart from multiple spaces) from form:
$searchTerm = preg_replace('!\s+!', ' ', trim($data['query']));
// for full-text search:
$searchTermPhrase = str_replace(' ', '* ', $searchTerm) . '*';
$entityManager = $this->getDoctrine()->getManager();
// as far as I remember, query taken from StackOverflow after some tests
$statement = $entityManager->getConnection()
->prepare(
"SELECT COUNT(id) AS books_count
FROM book
WHERE
MATCH(title) AGAINST (:searchTermPhrase IN BOOLEAN MODE) > 5
AND active = true
");
$statement->execute(array('searchTermPhrase' => $searchTermPhrase));
$titlesCount = $statement->fetch();
$titlesCount = $titlesCount['books_count'];
现在,它工作得很好。大多数时候。但是,如果用户把里面的一些特殊字符,例如(title),"title"等,它失败:
SQLSTATE[42000]: Syntax error or access violation:
1064 syntax error, unexpected $end, expecting
FTS_TERM or FTS_NUMB or '*'
我不明白这一点,我使用参数化查询,它会自动采取这样的情况下照顾... ?我不想最终剥离所有非字母数字字符或测试,这确实会导致问题,但我没有想法。