lucene-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe <>
Subject Lucene code injection?
Date Thu, 24 May 2007 12:34:57 GMT

I indexed emails. And now i want to restrict the search functionality for
users so they only can search for emails to/from him.

i know the email address of the user so my plan is to do it in the following
The user enters some search parameters, they are combined in a query.
This is a mix of TermQueries and WildcardQueries combined with 

This query i will combine with a TermQuery which include only hits with 
the email
address of the user. (parameter-query) AND (emailaddress-query)

Is this good practice?
And is this save?
Or can a user do some kind of code injection to get other emails?

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message