I have a query that is open to any number of words. Can be john, john doe, john company, john doe, company, or even doe company or 'company doe'.

You probably guessed I want to find this guy now. So I have to be looking for 3 columns (let's say first_name, last_name, company) with a query of which I don't know the exact structure.

How would I construct a query with MATCH/AGAINST without security holes?

There are two things I am not clear on here: 1) What the logic would be to get the right results and 2) how not to leave security holes. Here is what I mean about security - the only way I find to do fulltext search in CakePHP is with:

 'conditions' =>  "MATCH(SearchIndex.data) AGAINST('$q' IN BOOLEAN MODE)",

But then everybody says this is open to injection.

1 Answer

try

'conditions' =>  array(
    "MATCH(SearchIndex.data) AGAINST(? IN BOOLEAN MODE)" => $q
),
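An added example, not from the original thread or from CakePHP itself: binding the value as in the answer keeps it out of the SQL text, but in BOOLEAN MODE MySQL still parses the bound string for full-text operators, so this code reduces free-form input to plain words before binding. The function name `buildBooleanSearch`, the term cap, and the choice to require every word as a prefix match are assumptions.

```php
<?php
// Added example, not code from the original thread.
// Turns free-form input into a MySQL BOOLEAN MODE expression in which no
// character of the user's input can act as a full-text operator.
function buildBooleanSearch(string $raw, int $maxTerms = 8): string
{
    // Split on anything that is not a letter or digit. This drops the
    // boolean-mode operators (+ - < > ( ) ~ * " @) along with commas and
    // quotes. preg_split() returns false on invalid UTF-8: treat as empty.
    $words = preg_split('/[^\p{L}\p{N}]+/u', $raw, -1, PREG_SPLIT_NO_EMPTY) ?: [];

    // De-duplicate (ASCII case-insensitive) and cap the number of terms so
    // one request cannot submit an arbitrarily long search expression.
    $terms = array_slice(array_unique(array_map('strtolower', $words)), 0, $maxTerms);

    // Assumption: every word is required (+) and matched as a prefix (*).
    return implode(' ', array_map(fn ($t) => '+' . $t . '*', $terms));
}

// Constructed sample inputs; the last one carries quote and operator characters.
$samples = [
    "john doe, company",
    "'company doe'",
    "john' +(-doe ~company* \"@2",
];

foreach ($samples as $q) {
    $expr = buildBooleanSearch($q);
    if ($expr === '') {
        continue; // nothing searchable was entered: do not run the query
    }
    // Same bound-parameter form as the answer: the value is passed
    // separately and never interpolated into the SQL string.
    $conditions = [
        'MATCH(SearchIndex.data) AGAINST(? IN BOOLEAN MODE)' => $expr,
    ];
    printf("%-30s => %s\n", $q, json_encode($conditions));
}
```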
