opencultureconsulting
/
kitodo-presentation
mirror of https://github.com/kitodo/kitodo-presentation.git
2
0
Fork 0
Code Issues Releases Activity

add datesearch input sanitization and apply filterquery to search

This commit is contained in:
Michael Kubina 2022-11-24 13:33:23 +01:00
parent ba3f36d073
commit 13eba6f2c7
2 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Classes/Common/SolrSearch.php
View File

@ -208,6 +208,12 @@ class SolrSearch implements \Countable, \Iterator, \ArrayAccess, QueryResultInte
}
}
// Add filter query for date search
if (!empty($this->searchParams['dateFrom']) && !empty($this->searchParams['dateTo'])) {
// combine dateFrom and dateTo into range search
$params['filterquery'][]['query'] = '{!join from=' . $fields['uid'] . ' to=' . $fields['uid'] . '}'. $fields['date'] . ':[' . $this->searchParams['dateFrom'] . ' TO ' . $this->searchParams['dateTo'] . ']';
}
// Add filter query for faceting.
if (isset($this->searchParams['fq']) && is_array($this->searchParams['fq'])) {
foreach ($this->searchParams['fq'] as $filterQuery) {

28
Classes/Controller/SearchController.php
View File

@ -106,6 +106,28 @@ class SearchController extends AbstractController
$listViewSearch = true;
}
// sanitize date search input
if(empty($this->searchParams['dateFrom']) && !empty($this->searchParams['dateTo'])) {
$this->searchParams['dateFrom'] = $this->searchParams['dateTo'];
}
if(empty($this->searchParams['dateTo']) && !empty($this->searchParams['dateFrom'])) {
$this->searchParams['dateTo'] = $this->searchParams['dateFrom'];
}
/* // alternative sanitize logic
if(empty($this->searchParams['dateFrom'])) {
$this->searchParams['dateFrom'] = "0000-01-01";
}
if(empty($this->searchParams['dateTo'])) {
$this->searchParams['dateTo'] = "9999-12-31";
}
*/
if($this->searchParams['dateFrom'] > $this->searchParams['dateTo']) {
$tmpDate = $this->searchParams['dateFrom'];
$this->searchParams['dateFrom'] = $this->searchParams['dateTo'];
$this->searchParams['dateTo'] = $tmpDate;
}
// Pagination of Results: Pass the currentPage to the fluid template to calculate current index of search result.
$widgetPage = $this->getParametersSafely('@widget_0');
if (empty($widgetPage)) {
@ -241,6 +263,12 @@ class SearchController extends AbstractController
}
}
// add filter query for date search
if (!empty($this->searchParams['dateFrom']) && !empty($this->searchParams['dateTo'])) {
// combine dateFrom and dateTo into filterquery as range search
$search['params']['filterquery'][]['query'] = '{!join from=' . $fields['uid'] . ' to=' . $fields['uid'] . '}' . $fields['date'] . ':[' . $this->searchParams['dateFrom'] . ' TO ' . $this->searchParams['dateTo'] . ']';
}
// Add extended search query.
if (
!empty($searchParams['extQuery'])