From 5e333943e9ce7ec8cfe1011127fff6f7b616f6fe Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Wed, 30 Sep 2015 20:29:45 -0500
Subject: [PATCH] search: Only promote to wildcard search if query ends in a
 word char

Otherwise we might end up with a search term like '"some junk"*' which is
invalid.
---
 include/ajax.orgs.php         | 2 +-
 include/ajax.tickets.php      | 2 +-
 include/ajax.users.php        | 2 +-
 include/staff/tickets.inc.php | 7 ++++---
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/include/ajax.orgs.php b/include/ajax.orgs.php
index 041678c0b..202d2d8f0 100644
--- a/include/ajax.orgs.php
+++ b/include/ajax.orgs.php
@@ -38,7 +38,7 @@ class OrgsAjaxAPI extends AjaxController {
         $orgs->order_by(new SqlCode('__relevance__'), QuerySet::DESC)
             ->distinct('id');
 
-        if (!count($orgs) && substr($q, strlen($q)-1) != '*') {
+        if (!count($orgs) && preg_match('`\w$`u', $q)) {
             // Do wildcard full-text search
             $_REQUEST['q'] = $q."*";
             return $this->search($type);
diff --git a/include/ajax.tickets.php b/include/ajax.tickets.php
index 31457ec4f..9a5822e12 100644
--- a/include/ajax.tickets.php
+++ b/include/ajax.tickets.php
@@ -66,7 +66,7 @@ class TicketsAjaxAPI extends AjaxController {
                 ->limit($limit)
                 ->union($hits);
         }
-        elseif (!count($hits) && $q[strlen($q)-1] != '*') {
+        elseif (!count($hits) && preg_match('`\w$`u', $q)) {
             // Do wild-card fulltext search
             $_REQUEST['q'] = $q.'*';
             return $this->lookup();
diff --git a/include/ajax.users.php b/include/ajax.users.php
index 0dd6da74b..03e203000 100644
--- a/include/ajax.users.php
+++ b/include/ajax.users.php
@@ -55,7 +55,7 @@ class UsersAjaxAPI extends AjaxController {
             $users->order_by(new SqlCode('__relevance__'), QuerySet::DESC)
                 ->distinct('id');
 
-            if (!count($emails) && !count($users) && substr($q, strlen($q)-1) != '*') {
+            if (!count($emails) && !count($users) && preg_match('`\w$`u', $q)) {
                 // Do wildcard full-text search
                 $_REQUEST['q'] = $q."*";
                 return $this->search($type);
diff --git a/include/staff/tickets.inc.php b/include/staff/tickets.inc.php
index 6e2defbe7..a3701e627 100644
--- a/include/staff/tickets.inc.php
+++ b/include/staff/tickets.inc.php
@@ -94,11 +94,12 @@ case 'search':
             }
         }
         elseif ($_REQUEST['query']) {
+            $q = trim($_REQUEST['query']);
             // [Search] click, consider keywords
-            $__tickets = $ost->searcher->find($_REQUEST['query'], $tickets);
-            if (!count($__tickets)) {
+            $__tickets = $ost->searcher->find($q, $tickets);
+            if (!count($__tickets) && preg_match('`\w$`u', $q)) {
                 // Do wildcard search if no hits
-                $__tickets = $ost->searcher->find($_REQUEST['query'].'*', $tickets);
+                $__tickets = $ost->searcher->find($q.'*', $tickets);
             }
             $tickets = $__tickets;
             $has_relevance = true;
-- 
GitLab