Remove Symbols from MYSQL Search

Caz · September 24, 2020, 12:33pm

Hi all,

Does anyone know how I can remove symbols from search queries using Magento 2’s default MYSQL?

I want a temporary fix as I won’t get a chance to play around with Elasticsearch yet [I’ve heard this might be good at removing them or could help solve it.]

For now, I’ve found the following article, which explains what I want to do.

Customer searches for Test1$23?45&789^1 , but the website/database reads it as Test1 23 45 789 1

Match.php is located here:

vendor\magento\framework\Search\Adapter\Mysql\Query\Builder

Within Match.php, I’m assuming I turn this line:

const SPECIAL_CHARACTERS = '-+~/\\<>\'":*$#@()!,.?=%&^’;`

into

const SPECIAL_CHARACTERS = ' ';

How would I override Match.php in my custom theme?

I want to do this to remove the ugly MYSQL injection suggestions our customers might see from the auto suggestion when searching.

digitalstartup · September 24, 2020, 12:56pm

Hey @Caz and welcome!

I think this can be achieved by stripping out the special characters in the search form itself. I think the Luma Theme has already been patched to fix the exploit, but I could be wrong.

I think there is a better way than the one that you’ve linked. Are you using a specific theme at all?

Edit: Spoke to an M2 Dev this afternoon, who had a suggestion. I’m just waiting to clarify a couple of details before I post a solution

Caz · September 24, 2020, 2:41pm

Cheers, we use a somewhat custom theme with luma as fallback

system · October 24, 2020, 2:41pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.