From d8142abbbee6a44693bd303838777fb93013b5c2 Mon Sep 17 00:00:00 2001 From: Johannes Löthberg Date: Sun, 28 Jun 2015 19:48:23 +0200 Subject: Expose name-only search through the RPC interface MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes FS#37317. Signed-off-by: Johannes Löthberg Signed-off-by: Lukas Fleischer --- web/lib/aurjson.class.php | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'web/lib/aurjson.class.php') diff --git a/web/lib/aurjson.class.php b/web/lib/aurjson.class.php index 9e7c220..8ead253 100644 --- a/web/lib/aurjson.class.php +++ b/web/lib/aurjson.class.php @@ -16,6 +16,9 @@ class AurJSON { 'search', 'info', 'multiinfo', 'msearch', 'suggest', 'suggest-pkgbase' ); + private static $exposed_fields = array( + 'name', 'name-desc' + ); private static $fields_v1 = array( 'Packages.ID', 'Packages.Name', 'PackageBases.ID AS PackageBaseID', @@ -83,6 +86,9 @@ class AurJSON { if (!in_array($http_data['type'], self::$exposed_methods)) { return $this->json_error('Incorrect request type specified.'); } + if (isset($http_data['search_by']) && !in_array($http_data['search_by'], self::$exposed_fields)) { + return $this->json_error('Incorrect search_by field specified.'); + } $this->dbh = DB::connect(); @@ -328,6 +334,11 @@ class AurJSON { */ private function search($http_data) { $keyword_string = $http_data['arg']; + if (isset($http_data['search_by'])) { + $search_by = $http_data['search_by']; + } else { + $search_by = 'name-desc'; + } if (strlen($keyword_string) < 2) { return $this->json_error('Query arg too small'); @@ -335,8 +346,12 @@ class AurJSON { $keyword_string = $this->dbh->quote("%" . addcslashes($keyword_string, '%_') . "%"); - $where_condition = "(Packages.Name LIKE $keyword_string OR "; - $where_condition .= "Description LIKE $keyword_string)"; + if ($search_by === 'name') { + $where_condition = "(Packages.Name LIKE $keyword_string)"; + } else if ($search_by === 'name-desc') { + $where_condition = "(Packages.Name LIKE $keyword_string OR "; + $where_condition .= "Description LIKE $keyword_string)"; + } return $this->process_query('search', $where_condition); } -- cgit v1.2.3-70-g09d2