You are here

public static function SolrFilterSubQuery::validFilterValue in Apache Solr Search 7

Same name and namespace in other branches
  1. 8 Solr_Base_Query.php \SolrFilterSubQuery::validFilterValue()
  2. 6.3 Solr_Base_Query.php \SolrFilterSubQuery::validFilterValue()

Make sure our query matches the pattern name:value or name:"value" Make sure that if we are ranges we use name:[ AND ] allowed inputs : a. bundle:article b. date:[1970-12-31T23:59:59Z TO NOW] Split the text in 4 different parts 1. name, eg.: bundle or date 2. The first opening bracket (or nothing), eg.: [ 3. The value of the field, eg. article or 1970-12-31T23:59:59Z TO NOW 4. The last closing bracket, eg.: ]

Parameters

string $filter: The filter to validate

Return value

boolean

File

./Solr_Base_Query.php, line 154
This class allows you to make operations on a query that will be sent to Apache Solr. methods such as adding and removing sorts, remove and replace parameters, adding and removing filters, getters and setters for various parameters and more

Class

SolrFilterSubQuery
This class allows you to make operations on a query that will be sent to Apache Solr. methods such as adding and removing sorts, remove and replace parameters, adding and removing filters, getters and setters for various parameters and…

Code

public static function validFilterValue($filter) {
  $name = NULL;
  $value = NULL;
  $matches = array();
  $datefields = array();
  $datefield_match = array();
  if (preg_match('/(?P<name>[^:]+):(?P<value>.+)?$/', $filter, $matches)) {
    foreach ($matches as $match_id => $match) {
      switch ($match_id) {
        case 'name':
          $name = $match;
          break;
        case 'value':
          $value = $match;
          break;
      }
    }

    // For the name we allow any character that fits between the A-Z0-9 range and
    // any alternative for this in other languages. No special characters allowed.
    // Negative filters may have a leading "-".
    if (!preg_match('/^-?[a-zA-Z0-9_\\x7f-\\xff]+$/', $name)) {
      return FALSE;
    }

    // For the value we allow anything that is UTF8
    if (!drupal_validate_utf8($value)) {
      return FALSE;
    }

    // Check our bracket count. If it does not match it is also not valid
    $valid_brackets = TRUE;
    $brackets['opening']['{'] = substr_count($value, '{');
    $brackets['closing']['}'] = substr_count($value, '}');
    $valid_brackets = $valid_brackets && $brackets['opening']['{'] == $brackets['closing']['}'];
    $brackets['opening']['['] = substr_count($value, '[');
    $brackets['closing'][']'] = substr_count($value, ']');
    $valid_brackets = $valid_brackets && $brackets['opening']['['] == $brackets['closing'][']'];
    $brackets['opening']['('] = substr_count($value, '(');
    $brackets['closing'][')'] = substr_count($value, ')');
    $valid_brackets = $valid_brackets && $brackets['opening']['('] == $brackets['closing'][')'];
    if (!$valid_brackets) {
      return FALSE;
    }

    // Check the date field inputs
    if (preg_match('/\\[(.+) TO (.+)\\]$/', $value, $datefields)) {

      // Only Allow a value in the form of
      // http://lucene.apache.org/solr/api/org/apache/solr/schema/DateField.html
      // http://lucene.apache.org/solr/api/org/apache/solr/util/DateMathParser.html
      // http://wiki.apache.org/solr/SolrQuerySyntax
      // 1976-03-06T23:59:59.999Z (valid)
      // * (valid)
      // 1995-12-31T23:59:59.999Z (valid)
      // 2007-03-06T00:00:00Z (valid)
      // NOW-1YEAR/DAY (valid)
      // NOW/DAY+1DAY (valid)
      // 1976-03-06T23:59:59.999Z (valid)
      // 1976-03-06T23:59:59.999Z+1YEAR (valid)
      // 1976-03-06T23:59:59.999Z/YEAR (valid)
      // 1976-03-06T23:59:59.999Z (valid)
      // 1976-03-06T23::59::59.999Z (invalid)
      if (!empty($datefields[1]) && !empty($datefields[2])) {

        // Do not check to full value, only the splitted ones
        unset($datefields[0]);

        // Check if both matches are valid datefields
        foreach ($datefields as $datefield) {
          if (!preg_match('/(\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:[\\d\\.]{2,6}Z(\\S)*)|(^([A-Z\\*]+)(\\A-Z0-9\\+\\-\\/)*)/', $datefield, $datefield_match)) {
            return FALSE;
          }
        }
      }
    }
  }
  return TRUE;
}