aboutsummaryrefslogtreecommitdiff
path: root/wqflask
diff options
context:
space:
mode:
Diffstat (limited to 'wqflask')
-rw-r--r--wqflask/wqflask/search_results.py2
-rw-r--r--wqflask/wqflask/views.py5
2 files changed, 4 insertions, 3 deletions
diff --git a/wqflask/wqflask/search_results.py b/wqflask/wqflask/search_results.py
index 25f69f3f..41fcf873 100644
--- a/wqflask/wqflask/search_results.py
+++ b/wqflask/wqflask/search_results.py
@@ -67,7 +67,7 @@ views.py).
self.search_terms = kw['search_terms_and']
search = self.search_terms
# check for dodgy search terms
- regex = re.compile("http:|href|sql|select",re.IGNORECASE)
+ regex = re.compile("http:|href|sql|select|update",re.IGNORECASE)
if regex.match(search):
self.search_term_exists = False
return
diff --git a/wqflask/wqflask/views.py b/wqflask/wqflask/views.py
index 3ebef046..a65924d8 100644
--- a/wqflask/wqflask/views.py
+++ b/wqflask/wqflask/views.py
@@ -199,14 +199,15 @@ def search_page():
logger.info("request.args is", request.args)
the_search = search_results.SearchResultPage(request.args)
result = the_search.__dict__
+ valid_search = result['search_term_exists']
logger.debugf("result", result)
- if USE_REDIS:
+ if USE_REDIS and valid_search:
Redis.set(key, pickle.dumps(result, pickle.HIGHEST_PROTOCOL))
Redis.expire(key, 60*60)
- if result['search_term_exists']:
+ if valid_search:
return render_template("search_result_page.html", **result)
else:
return render_template("search_error.html")