Checking search error terms with regex

author: Pjotr Prins 2018-03-29 07:58:11 +0000
committer: Pjotr Prins 2018-03-29 07:58:11 +0000
commit: f33afaa4df00aa0fef37ba9c5e70f3c19b96ce5c (patch)
tree: 122901f6d34abef4ba531fee5aea0ff55ad33aa5
parent: babe7424bfc06b2436b6e824389cf795afdf0a73 (diff)
download: genenetwork2-f33afaa4df00aa0fef37ba9c5e70f3c19b96ce5c.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/wqflask/wqflask/search_results.py b/wqflask/wqflask/search_results.py
index ca40f849..25f69f3f 100644
--- a/wqflask/wqflask/search_results.py
+++ b/wqflask/wqflask/search_results.py
@@ -10,6 +10,7 @@ import time
 import math
 import datetime
 import collections
+import re
 
 from pprint import pformat as pf
 
@@ -64,7 +65,10 @@ views.py).
         else:
             self.and_or = "and"
             self.search_terms = kw['search_terms_and']
-        if "http:" in self.search_terms:
+        search = self.search_terms
+        # check for dodgy search terms
+        regex = re.compile("http:|href|sql|select",re.IGNORECASE)
+        if regex.match(search):
             self.search_term_exists = False
             return
         else:
author	Pjotr Prins	2018-03-29 07:58:11 +0000
committer	Pjotr Prins	2018-03-29 07:58:11 +0000
commit	f33afaa4df00aa0fef37ba9c5e70f3c19b96ce5c (patch)
tree	122901f6d34abef4ba531fee5aea0ff55ad33aa5
parent	babe7424bfc06b2436b6e824389cf795afdf0a73 (diff)
download	genenetwork2-f33afaa4df00aa0fef37ba9c5e70f3c19b96ce5c.tar.gz