feat: support POST for search queries

Enhanced the search functionality to support POST requests, ensuring
more versatile and secure handling of search queries. This change
involves accepting search queries through both GET and POST methods,
aligning with best practices for handling potentially sensitive user
inputs. Additionally, refactored conditionals for improved readability
and maintainability of the code. This update aims at enhancing user
experience and security, paving the way for future improvements in how
user inputs are processed and handled within the application.

main.py

@@ -336,7 +336,10 @@ def category_page(name, teachers=False):
     contests = []
 
     for channel in global_ibles["/projects"]:
-        if channel["channel"].startswith(name.lower()) and channel["channel"] not in channels:
+        if (
+            channel["channel"].startswith(name.lower())
+            and channel["channel"] not in channels
+        ):
             channels.append(channel["channel"])
 
     category_ibles, total = projects_search(
@@ -459,7 +462,9 @@ def project_list(head, sort="", per_page=20):
 
         elif "search" in path.split("/"):
             ibles = []
-            query = request.args.get("q")
+            query = (
+                request.args.get("q") if request.method == "GET" else request.form["q"]
+            )
 
             project_ibles, total = projects_search(
                 query=query,
@@ -749,7 +754,7 @@ def route_projects():
     return project_list("")
 
 
-@app.route("/search")
+@app.route("/search", methods=["POST", "GET"])
 def route_search():
     return project_list("Search")
 

templates/header.html

@@ -21,7 +21,7 @@
         </ul>
       </div>
       <div class="navbar-form navbar-right">
-        <form class="form-inline" action="/search" method="GET">
+        <form class="form-inline" action="/search" method="post">
           <input
             class="form-control"
             type="search"