From 1c3c4686756834a12c32b401f49a30c61a0d7929 Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Mon, 26 Aug 2013 16:25:02 -0400
Subject: [PATCH] FIX: Single quotes in search terms would raise an error.

---
 lib/search.rb                  | 4 ++--
 spec/components/search_spec.rb | 4 ++++
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/search.rb b/lib/search.rb
index c4c086ad78e..a4fb577ef46 100644
--- a/lib/search.rb
+++ b/lib/search.rb
@@ -177,8 +177,8 @@ class Search
 
     def ts_query
       @ts_query ||= begin
-        escaped_term = PG::Connection.escape_string(@term.gsub(/[:()&!]/,''))
-        query = Post.sanitize(escaped_term.split.map {|t| "#{t}:*"}.join(" & "))
+        all_terms = @term.gsub(/[:()&!'"]/,'').split
+        query = Post.sanitize(all_terms.map {|t| "#{PG::Connection.escape_string(t)}:*"}.join(" & "))
         "TO_TSQUERY(#{query_locale}, #{query})"
       end
     end
diff --git a/spec/components/search_spec.rb b/spec/components/search_spec.rb
index 02d9466f977..0bf0ac91644 100644
--- a/spec/components/search_spec.rb
+++ b/spec/components/search_spec.rb
@@ -92,6 +92,10 @@ describe Search do
     Search.new('foo :!$);}]>@\#\"\'').execute.should be_blank # There are at least three levels of sanitation for Search.query!
   end
 
+  it "doesn't raise an error when single quotes are present" do
+    Search.new("'hello' world").execute.should be_blank # There are at least three levels of sanitation for Search.query!
+  end
+
   it 'works when given two terms with spaces' do
     lambda { Search.new('evil trout').execute }.should_not raise_error
   end