Escape solr query, better query type management

lib/BookSearch.php

@@ -29,10 +29,13 @@ class BookSearch
         $this->query->addParam('q.op', 'AND');
     }
 
-    public function addQuery($queryText, $queryField = '')
+    public function addQuery($queryText, $queryField = null)
     {
-        if ($queryField != '')
+        $queryText= SolrUtils::escapeQueryChars($queryText);
+
+        if (strlen($queryField) > 0) {
             $queryText = "$queryField:\"$queryText\"";
+        }
 
         $this->queryParts[] = $queryText;
     }

mobile.netbiblio.php

@@ -328,7 +328,8 @@ class NetBiblio extends WebService
         }
 
         if (isset($queryArray['queryText']) && strlen($queryArray['queryText']) > 0) {
-            $bs->addQuery($queryArray['queryText'], $queryArray['queryType']);
+            $type = isset($queryArray['queryType']) ? $queryArray['queryType'] : null;
+            $bs->addQuery($queryArray['queryText'], $type);
         }
 
         if(isset($queryArray['reader']) && strlen($queryArray['reader']) > 0) {