Comment 1 for bug 1310751

Mike Rylander (mrylander) wrote :

Specifically, this is a query construction issue having to do with the explicit boolean pushdown that we do in QueryParser. The most correct solution would really be to use the floating subquery syntax provided by QueryParser for all the query elements that are not user-typed (that is, checkboxes, dropdowns, etc.), and gut nearly all of the layers of indirection that exist inside open-ils.search and open-ils.storage. OTTOMH, there are at least three API calls used serially that are purely there as compatibility shims for older search backends.

Once those shims are gone, the tpac should construct QP strings, and retrieve QP query objects for later inspection.

As an example of the floating subquery syntax, consider the filters and modifiers in this search, wrapped in {{}}:

   (title:Piano concerto && author:bartok) {{#metabib sort(authorsort) #available search_format(blu-ray) site(CONS)}}

Wrapping the filters and modifiers in the {{}} syntax protects them from user input.