From a8c4ef58277bcf0b29613684b30ae84f274bc73b Mon Sep 17 00:00:00 2001 From: Kumi Date: Thu, 28 Mar 2024 16:22:59 +0100 Subject: [PATCH] feat: support POST for search queries Enhanced the search functionality to support POST requests, ensuring more versatile and secure handling of search queries. This change involves accepting search queries through both GET and POST methods, aligning with best practices for handling potentially sensitive user inputs. Additionally, refactored conditionals for improved readability and maintainability of the code. This update aims at enhancing user experience and security, paving the way for future improvements in how user inputs are processed and handled within the application. --- main.py | 11 ++++++++--- templates/header.html | 2 +- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/main.py b/main.py index 624661d..9115f03 100644 --- a/main.py +++ b/main.py @@ -336,7 +336,10 @@ def category_page(name, teachers=False): contests = [] for channel in global_ibles["/projects"]: - if channel["channel"].startswith(name.lower()) and channel["channel"] not in channels: + if ( + channel["channel"].startswith(name.lower()) + and channel["channel"] not in channels + ): channels.append(channel["channel"]) category_ibles, total = projects_search( @@ -459,7 +462,9 @@ def project_list(head, sort="", per_page=20): elif "search" in path.split("/"): ibles = [] - query = request.args.get("q") + query = ( + request.args.get("q") if request.method == "GET" else request.form["q"] + ) project_ibles, total = projects_search( query=query, @@ -749,7 +754,7 @@ def route_projects(): return project_list("") -@app.route("/search") +@app.route("/search", methods=["POST", "GET"]) def route_search(): return project_list("Search") diff --git a/templates/header.html b/templates/header.html index 7f2e5d4..8621f27 100644 --- a/templates/header.html +++ b/templates/header.html @@ -21,7 +21,7 @@