external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added AurJson query length limit.

Browse source 
Set a limit on the length of the query argument for searching.
A search of zero length returns a considerably sized result set.

Signed-off-by: eliott <eliott@cactuswax.net>
Signed-off-by: Loui Chang <louipc.ist@gmail.com>
This commit is contained in:
eliott 2008-04-05 00:14:04 -04:00 committed by Loui Chang
parent cad4689bc4
commit cc1f323d32
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
web/lib/aurjson.class.php
View file

@ -82,6 +82,10 @@ class AurJSON {
* @return mixed Returns an array of package matches. * @return mixed Returns an array of package matches.
**/ **/
private function search($keyword_string) { private function search($keyword_string) {
if (strlen($keyword_string) < 2) {
return $this->json_error('Query arg too small');
}
$keyword_string = mysql_real_escape_string($keyword_string, $this->dbh); $keyword_string = mysql_real_escape_string($keyword_string, $this->dbh);
$query = sprintf( $query = sprintf(
"SELECT Name,ID FROM Packages WHERE ( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' ) AND DummyPkg=0", "SELECT Name,ID FROM Packages WHERE ( Name LIKE '%%%s%%' OR Description LIKE '%%%s%%' ) AND DummyPkg=0",