Enhance Search Query Handling with Special Characters #178

Merged
merged 1 commit into from
Dec 22, 2023

Conversation

OhmSpectator

@OhmSpectator OhmSpectator commented Dec 22, 2023

Description

This PR introduces an enhancement to the search functionality in the backend. By integrating lodash's escapeRegExp function, we now ensure that special characters in search terms are properly escaped, thereby avoiding errors and server crashes when users input characters like '?' in the search field. This update aims to improve the robustness and reliability of the search feature in our application.

Related Issues

Closes: #160

How Was This Tested?

Tests were conducted with various search queries containing special characters, including but not limited to %, ', *, ?, and (. Each character was tested in isolation and in combination with alphanumeric characters to simulate real-world search queries. The tests were performed via the UI by inputting these characters into the search field. The backend handled all cases gracefully, properly escaping special characters and preventing any crashes or malformed SQL queries. No errors were encountered, and search functionality remained consistent and reliable across all tested scenarios.

Checklist

Before submitting your PR, please review the following:

  • Commit messages follow the standard template.
  • All commits are signed.
  • Related issues are mentioned in the description above.
  • I have followed the project's directory structure.
  • Linter checks have been passed.

Summary by CodeRabbit

  • Enhancements

    • Improved search functionality to handle special characters in search terms more effectively.
  • New Features

    • Integrated a utility to ensure search terms are safely processed for regular expression matching.
  • Dependencies

    • Added a new library to assist with text processing within search queries.

Added lodash to the project dependencies and utilized its escapeRegExp function
to escape special characters in the search query. This update is to ensure that
when special characters are included in search terms, they are treated as
literal characters in the regex used in the searchRegions function. These
changes aim to prevent errors and crashes in the backend when users input
special characters like '?' in the search field.

Issue: #160

Signed-off-by: Nikolay Martyanov <ohmspectator@gmail.com>

coderabbitai bot commented Dec 22, 2023

Walkthrough

The update to regionController.js addresses a crash issue when special characters, like a URL-encoded '?', are included in search queries. By incorporating lodash to escape regex patterns, the code now safely handles special characters in search terms, mitigating potential crashes and security vulnerabilities related to SQL query execution.

Changes

File Path | Change Summary
.../src/controllers/regionController.js | Added lodash dependency and updated searchRegions function to escape regex patterns for search queries.

Assessment against linked issues

Objective Addressed Explanation
Prevent backend crash with special characters in search queries (#160)
Correct handling of URL-encoded characters to prevent crashes (#160)
Address SQL query invalid regex errors with special characters (#160)
Sanitize URL-encoded characters in query parameters for security (#160)
Modify SQL query construction to prevent regex errors (#160)


@OhmSpectator OhmSpectator self-assigned this Dec 22, 2023

sweep-ai bot commented Dec 22, 2023

Apply Sweep Rules to your PR?

  • Apply: All new business logic should have corresponding unit tests.
  • Apply: Refactor large functions to be more modular.
  • Apply: Add docstrings to all functions and file headers.
  • Apply: In the PR description, provide the Issue number that your PR fixes in a form Fixes #<Issue Number>
  • Apply: Make changes only in the directory you are working on (frontend, backend, or deployment).
  • Apply: For JavaScript (used in frontend and backend), follow the Airbnb JavaScript Style Guide
  • Apply: For Python (used in deployment scripts), use Black
  • Apply: Follow this format for all commit messages:
<Type>: <Topic>.

<Description>

[Issue: #<GitHub Issue Number>]

Type can be one of the following:

  • front: Frontend
  • back: Backend
  • deploy: Deployment
    Or leave it blank if the commit is not specific to any of the above.
    Ensure the commit message is concise yet descriptive.
    If the commit fixes an issue, add the issue number in the commit message.


@coderabbitai coderabbitai bot left a comment

Review Status

Actionable comments generated: 0

Configuration used: .coderabbit.yaml

Commits Files that changed from the base of the PR and between df246b9 and 0d6c58f.
Files ignored due to filter (1)
  • backend/package.json
Files selected for processing (1)
  • backend/src/controllers/regionController.js (2 hunks)
Additional comments: 4
backend/src/controllers/regionController.js (4)
  • 4-4: The addition of lodash is correctly implemented to facilitate the escaping of regex special characters in search queries.

  • 25-26: The implementation of _.escapeRegExp to escape special characters in search terms is correct and aligns with the PR's objective to enhance search functionality.

  • 33-36: The update to the replacements object to use escapedQueryTerms for regex pattern construction is correct and ensures that special characters are properly escaped.

  • 42-45: The loop modification to iterate over escapedQueryTerms and the corresponding updates to the regexMatchCaseStatements and substringMatchCaseStatements are correctly implemented.
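
The escaping step this PR describes, as an added example that is not the project's code: each search term is escaped before it becomes a regex pattern, so '?' or '(' no longer produce an invalid pattern and '.' stops acting as a wildcard. The helper names, the `patternN` keys, the sample region names and the use of JavaScript's RegExp as a stand-in for the database regex engine are assumptions.

```javascript
// Local stand-in for lodash's _.escapeRegExp (same metacharacter set), so the
// example runs without installing lodash.
const escapeRegExp = (s) => s.replace(/[\\^$.*+?()[\]{}|]/g, '\\$&');

// Constructed sample data; not taken from the project.
const REGION_NAMES = ['Paris', 'Par?s [demo]', 'St. Louis', 'Stalowa Wola', 'Lake (North)'];

// Hypothetical helper: one named replacement value per whitespace-separated term.
function buildReplacements(rawQuery, escape) {
  const terms = rawQuery.trim().split(/\s+/).filter(Boolean);
  const replacements = {};
  terms.forEach((term, i) => {
    replacements[`pattern${i}`] = escape ? escapeRegExp(term) : term;
  });
  return replacements;
}

// JavaScript's RegExp stands in for the database regex engine (assumption):
// a pattern that fails to compile models the "invalid regex" failure mode.
function search(rawQuery, escape, names = REGION_NAMES) {
  let regexes;
  try {
    regexes = Object.values(buildReplacements(rawQuery, escape))
      .map((pattern) => new RegExp(pattern, 'i'));
  } catch (err) {
    return { ok: false, hits: [], error: err.message };
  }
  // A region is a hit only if every term matches; an empty query matches nothing.
  const hits = regexes.length > 0
    ? names.filter((name) => regexes.every((re) => re.test(name)))
    : [];
  return { ok: true, hits };
}

console.log(search('?', false));   // unescaped: pattern is rejected
console.log(search('?', true));    // escaped: '?' matched literally
console.log(search('St.', false)); // unescaped: '.' matches any character
console.log(search('St.', true));  // escaped: only the literal "St."
```

Escaping only neutralises regex metacharacters; keeping the value out of the SQL text is still the job of the query's parameter handling.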

@OhmSpectator OhmSpectator merged commit d085124 into main Dec 22, 2023
12 checks passed
@OhmSpectator OhmSpectator deleted the fix/160-escape-regexp branch December 22, 2023 15:40
Successfully merging this pull request may close these issues.

Backend Crash with URL-Encoded '?' in Search Query on regions/search Endpoint