If semicolon is considered a part of the SQL query, then it will be
considered as a sql injection, no !!!
----- Original Message -----
From: "Rob Atkinson" <[email protected]>
To: "Mr. Bessem Aamira" <[email protected]>;
<[email protected]>
Sent: Friday, August 08, 2014 2:18 PM
Subject: Re: search term with semicolon
Perhaps if the search is parsed and sent to mysql then the semi-colon is
interpreted as the end of a sql command?
just a wild guess. you could try entering the hex version of ; with the
escape which I think is % in the url.
Rob Atkinson
Fermilab
On 08/08/2014 04:53 AM, Mr. Bessem Aamira wrote:
Hello,
Does anyone have an explanation why the search with a term containing a
semicolon only returns a result for the first part (before the semicolon)
Exemple
http://invenio-demo.cern.ch/search?ln=fr&sc=1&p=*text1;text2*&f=&action_search=Recherche&c=Articles+%26+Preprints&c=Books+%26+Reports&c=Multimedia+%26+Arts
<http://invenio-demo.cern.ch/search?ln=fr&sc=1&p=text1;text2&f=&action_search=Recherche&c=Articles+%26+Preprints&c=Books+%26+Reports&c=Multimedia+%26+Arts>
