From f33afaa4df00aa0fef37ba9c5e70f3c19b96ce5c Mon Sep 17 00:00:00 2001
From: Pjotr Prins
Date: Thu, 29 Mar 2018 07:58:11 +0000
Subject: Checking search error terms with regex
---
 wqflask/wqflask/search_results.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/wqflask/wqflask/search_results.py b/wqflask/wqflask/search_results.py
index ca40f849..25f69f3f 100644
--- a/wqflask/wqflask/search_results.py
+++ b/wqflask/wqflask/search_results.py
@@ -10,6 +10,7 @@ import time
 import math
 import datetime
 import collections
+import re
 from pprint import pformat as pf
@@ -64,7 +65,10 @@ views.py).
 else:
 self.and_or = "and"
 self.search_terms = kw['search_terms_and']
- if "http:" in self.search_terms:
+ search = self.search_terms
+ # check for dodgy search terms
+ regex = re.compile("http:|href|sql|select",re.IGNORECASE)
+ if regex.match(search):
 self.search_term_exists = False
 return
 else:
-- 
cgit v1.2.3
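Review bot: `regex.match(search)` in the second hunk only tests the start of the string, so the new check is narrower than the `"http:" in self.search_terms` test it replaces: a term is rejected only when it begins with one of the listed tokens. Use `if regex.search(search):` instead, and compile the pattern once at module level rather than on every call, e.g. `DODGY_TERMS = re.compile(r"http:|href|sql|select", re.IGNORECASE)`. Once the pattern matches anywhere in the string, bare `sql` and `select` will presumably also reject legitimate terms that contain them (for example "selectin"), and a token blocklist is not a substitute for parameterized queries wherever these terms reach the database, which is not visible here. The enclosing method starts and ends outside the hunk.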