
better query checking before redirect

2.x
Paul Pound 1 year ago
parent
commit
6145608666
  1. 10
      src/Controller/RoblibSearchController.php

10
src/Controller/RoblibSearchController.php

@ -3,8 +3,9 @@
namespace Drupal\roblib_search\Controller; namespace Drupal\roblib_search\Controller;
use Drupal\Core\Controller\ControllerBase; use Drupal\Core\Controller\ControllerBase;
use \Drupal\Core\Url; use Drupal\Core\Url;
use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\Component\Utility\Html;
/** /**
* Controller for d3 graphs. * Controller for d3 graphs.
@ -19,7 +20,14 @@ class RoblibSearchController extends ControllerBase {
*/ */
public function searchResults($query = NULL) { public function searchResults($query = NULL) {
if ($query = $_GET['roblib_query']) { if ($query = $_GET['roblib_query']) {
$query = str_replace('/', ' ',$query);
$query = trim(Html::decodeEntities($query));
if(empty($query)) {
\Drupal::messenger()->addMessage($this->t('Please Enter a valid search string.'));
$url = Url::fromRoute('roblib_search.landing_page');
} else {
$url = Url::fromRoute('roblib_search.landing_page', ['query' => $query]); $url = Url::fromRoute('roblib_search.landing_page', ['query' => $query]);
}
return new RedirectResponse($url->toString()); return new RedirectResponse($url->toString());
} }
return [ return [
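Review bot: The added `str_replace()` and `Html::decodeEntities()` calls in `searchResults()` assume `$_GET['roblib_query']` is a string, but PHP turns a bracketed query key into an array, so the new lines can fail (most likely with a TypeError) before the empty check is reached. Reading the value through the request object and guarding its type avoids that: `$query = \Drupal::request()->query->get('roblib_query');` followed by `if (is_string($query) && $query !== '') {`. `empty($query)` also rejects the legitimate search string `0`; comparing the trimmed value with `''` is the stricter test. Because entities are decoded before the value goes into the route parameter, the landing page presumably has to treat `query` as untrusted text and escape it on output; that code is not visible here. The body of `searchResults()` continues past the end of this section.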
