From 793e26e01f1b619a2bb257b2a74f7636a200e635 Mon Sep 17 00:00:00 2001
From: Bilal Catic
Date: Fri, 31 Jan 2020 13:58:09 +0100
Subject: [PATCH] handle special chars; write tests for special chars
---
 spec/query_generator_spec.rb | 6 ++++++
 text_to_sql_query.rb | 23 +++++++++++++++++------
 2 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/spec/query_generator_spec.rb b/spec/query_generator_spec.rb
index 05fb720..4226f20 100644
--- a/spec/query_generator_spec.rb
+++ b/spec/query_generator_spec.rb
@@ -85,5 +85,11 @@ class SqlGeneratorTester
 expect(@query.where_clause).to eq ['(players.title LIKE ? AND NOT (players.title LIKE ? OR players.title LIKE ?))', '%a%', '%b%', '%c%']
 end
+
+ it 'tests search with special characters in search term' do
+ @query = TextToSqlQuery.new('title:"%a_\"', [:'players.title', :'players.tag', :'players.device_id'], :'players.device_id')
+
+ expect(@query.where_clause).to eq ['players.title LIKE ?', '%"\%a\_\\"%']
+ end
 end
 end
\ No newline at end of file
diff --git a/text_to_sql_query.rb b/text_to_sql_query.rb
index ac1e085..241149a 100644
--- a/text_to_sql_query.rb
+++ b/text_to_sql_query.rb
@@ -22,15 +22,17 @@ class TextToSqlQuery
 def generate_sql(tree)
 first_key = tree.keys.first
+ node_value = tree[first_key]
 case first_key
 when :DEFAULT_COLUMN
- ["#{@default_field.to_s} LIKE ?", "%#{tree[first_key]}%"]
+ escaped_node_value = escape_special_chars node_value
+ ["#{@default_field.to_s} LIKE ?", "%#{escaped_node_value}%"]
 when :OPERATOR_OR
- generate_expression_for_logical_operator(:OR, tree[first_key])
+ generate_expression_for_logical_operator(:OR, node_value)
 when :OPERATOR_AND
- generate_expression_for_logical_operator(:AND, tree[first_key])
+ generate_expression_for_logical_operator(:AND, node_value)
 when :OPERATOR_NOT
- not_array = generate_sql tree[first_key]
+ not_array = generate_sql node_value
 if not_array.length < 2
 raise "There should be more than 1 element for expression following NOT operator"
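Review bot: The expected pattern in the new example pins the search term's backslash as a single unescaped character (`'\\'` inside a single-quoted literal is one backslash), so the spec passes while the LIKE escape character itself is left unescaped. It would be worth adding an example whose term has a backslash directly before `%` or `_`, and one that reads `where_clause` twice on the same query, which would catch double escaping if the clause is rebuilt on each call. A short comment above the expectation spelling out the raw pattern, e.g. `# pattern sent to the database: %"\%a\_\"%`, would also make the quoting easier to review.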
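Review bot: The pattern built in the `:DEFAULT_COLUMN` branch now depends on backslash being the LIKE escape character, yet the fragment is still a bare `LIKE ?`, so `\%` and `\_` are only treated as literals on databases whose default escape character is backslash (MySQL and PostgreSQL do this; SQLite, for one, has no default). If the target database is fixed, record that next to the call, e.g. `# relies on backslash being the database's default LIKE escape character`; otherwise add an explicit `ESCAPE` clause to the fragment, quoted as the target database requires. The same applies to the two `LIKE ?` fragments in the column-name branch at `@@ -43,11 +45,12 @@`. generate_sql starts in this hunk and its body continues past it.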
@@ -43,11 +45,12 @@ class TextToSqlQuery
 else # key is column name
+ escaped_node_value = escape_special_chars node_value
 mapping = @fields_mappings[first_key.to_sym]
 if mapping.nil?
- ["#{@default_field.to_s} LIKE ?", "%#{tree[first_key]}%"]
+ ["#{@default_field.to_s} LIKE ?", "%#{escaped_node_value}%"]
 else
- ["#{mapping.to_s} LIKE ?", "%#{tree[first_key]}%"]
+ ["#{mapping.to_s} LIKE ?", "%#{escaped_node_value}%"]
 end
 end
 end
@@ -76,4 +79,12 @@ class TextToSqlQuery
 ["(#{first_operand_expression} #{operator.to_s} #{second_operand_expression})"] + first_operand_params + second_operand_params
 end
+
+ def escape_special_chars(text)
+ result = text
+ result.gsub!(/\_/, '\_')
+ result.tr!('\\', '\\')
+ result.gsub!(/%/, '\%')
+ result
+ end
 end
\ No newline at end of file
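Review bot: Both arms of `if mapping.nil?` in the column-name branch now build the same array and differ only in the column, so the duplication can go. Picking the column first reads more directly: `column = @fields_mappings[first_key.to_sym] || @default_field` followed by `["#{column} LIKE ?", "%#{escaped_node_value}%"]` (interpolation already calls `to_s`; this assumes a mapping is never `false`). Because the column name is interpolated into the SQL text rather than bound, a comment such as `# column comes only from @fields_mappings or @default_field, never from the search text` would record why that is safe. The enclosing `case` begins before this hunk.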
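Review bot: `result.tr!('\\', '\\')` in escape_special_chars is a no-op, because `tr` maps a backslash to the same backslash, so a backslash in the search term reaches the LIKE pattern unescaped and can cancel the escapes added for `%` and `_` (a term containing `\%` becomes `\\%`, a literal backslash followed by a live wildcard). The values are still bound parameters, so this is not SQL injection, but the match can be wider than the literal text the user typed. `result = text` also aliases the argument, so the bang methods rewrite the string held in the parse tree; a second pass over the same tree would escape it again, and a frozen string would raise. A single non-mutating pass that escapes the escape character together with the wildcards avoids both: `text.gsub(/[\\%_]/) { |c| "\\#{c}" }`.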