
Wildcard search "kills" PlusCart


Andrew Davie


10 hours ago, Andrew Davie said:

If you search for "*" without the quotes, the PlusCart essentially dies.

It gets stuck in multiple blank menus, wifi dies, etc....

 

The backend search responded with 1.5 MiB of error messages..

 

2 hours ago, Mr SQL said:

Maybe wildcard character needs to be escaped for backend db if that query is what is locking up

backend search is done with regular expression, special chars for reg_ex are now escaped.

 


4 hours ago, Al_Nafuur said:

The backend search responded with 1.5 MiB of error messages..

 

backend search is done with regular expression, special chars for reg_ex are now escaped.

 

Very cool! I was actually wondering about regular expression also being a possibility in lieu of SQL (RegEx Injection!) with your code in mind when I posted that :) 

 

I bet the backend is faster responding for all the PlusCarts without the errors queueing up. The RegEx Attack (unintentional) could be responsible for some timeouts or slowdowns we saw users experience on the Plus network.


1 hour ago, Mr SQL said:

Very cool! I was actually wondering about regular expression also being a possibility in lieu of SQL (RegEx Injection!) with your code in mind when I posted that :) 

 

I bet the backend is faster responding for all the PlusCarts without the errors queueing up. The RegEx Attack (unintentional) could be responsible for some timeouts or slowdowns we saw users experience on the Plus network.

fortunately, the search function is not used very often, and there was only one user sending these special chars.

 

Anyway, for the server it was not a big issue; it spills out the 1.5 MiB of error messages very fast, but the requesting PlusCart tries to parse the response into menu entries.

 


10 hours ago, Al_Nafuur said:

fortunately, the search function is not used very often, and there was only one user sending these special chars.

 

Who ... little old me?  I admit I was trying to break it.

 

One thing - since the search is case-insensitive, perhaps we should not have both lowercase/uppercase keyboards for search.

Just a generic uppercase keyboard would make more sense.

 

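As an added illustration of the fix described in this thread (not the PlusCart backend's own code, whose language and source are not shown here), the Python sketch below contrasts a search that uses the user's text as the regular expression with one that escapes it first, and caps the reply size because the cartridge parses the response into menu entries. The catalogue, the function names and both limits are assumptions made for the example.

```python
import re

# Constructed sample catalogue; the real backend's data is not shown in the thread.
ROMS = ["Pitfall!.bin", "Ms. Pac-Man.bin", "Q*bert.bin",
        "Boing! (PD).bin", "H.E.R.O..bin"]

MAX_TERM_LEN = 32          # assumed limit on the search term length
MAX_RESPONSE_BYTES = 2048  # assumed budget the client can turn into menu entries


def search_unescaped(term, names=ROMS):
    """'Before': the user's text is used as the regex pattern itself."""
    pattern = re.compile(term, re.IGNORECASE)  # a bare "*" raises re.error here
    return [n for n in names if pattern.search(n)]


def search_escaped(term, names=ROMS):
    """'After': metacharacters are escaped, so the term only matches literally."""
    term = term[:MAX_TERM_LEN]
    if not term:
        return []
    pattern = re.compile(re.escape(term), re.IGNORECASE)
    return [n for n in names if pattern.search(n)]


def build_response(term, names=ROMS):
    """Newline-separated menu body that never exceeds the byte budget.

    Only whole entries are emitted, and the body is built from matches
    alone, so error text can never end up in what the client parses.
    """
    body, size = [], 0
    for name in search_escaped(term, names):
        line = name.encode("utf-8") + b"\n"
        if size + len(line) > MAX_RESPONSE_BYTES:
            break  # stop at the last entry that still fits
        body.append(line)
        size += len(line)
    return b"".join(body)


if __name__ == "__main__":
    try:
        search_unescaped("*")
    except re.error as exc:
        print("unescaped search failed:", exc)
    print("escaped search:", search_escaped("*"))
```

Escaping addresses the malformed-pattern errors; the size cap is a separate safeguard for the client that has to parse whatever the server returns.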
