Fix search parameter handling (#23)

- Add default value for search parameter
- Fix filter_var flags for language parameter
This commit is contained in:
Hypolite Petovan 2019-02-03 09:20:58 -05:00
parent b6aaa246f6
commit 0e4d5a035f

View file

@ -49,9 +49,10 @@ class Search extends BaseController
{ {
$pager = new Pager($this->l10n, $request, 20); $pager = new Pager($this->l10n, $request, 20);
$originalQuery = $query = filter_input(INPUT_GET, 'q'); $originalQuery = $query = $request->getParam('q', '');
$field = $request->getParam('field', '');
$field = filter_input(INPUT_GET, 'field', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW & FILTER_FLAG_STRIP_HIGH); $field = filter_var($field, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH | FILTER_FLAG_STRIP_BACKTICK);
$fieldName = ''; $fieldName = '';
@ -74,7 +75,6 @@ AGAINST (:query IN BOOLEAN MODE)";
$values = ['query' => $query]; $values = ['query' => $query];
$account_type = $args['account_type'] ?? ''; $account_type = $args['account_type'] ?? '';
$accountTypeTabs = $this->accountTypeTabs->render('search', $account_type, $sql_where, $values, ['q' => $originalQuery, 'field' => $field]); $accountTypeTabs = $this->accountTypeTabs->render('search', $account_type, $sql_where, $values, ['q' => $originalQuery, 'field' => $field]);