From f33afaa4df00aa0fef37ba9c5e70f3c19b96ce5c Mon Sep 17 00:00:00 2001
From: Pjotr Prins
Date: Thu, 29 Mar 2018 07:58:11 +0000
Subject: Checking search error terms with regex

---
 wqflask/wqflask/search_results.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/wqflask/wqflask/search_results.py b/wqflask/wqflask/search_results.py
index ca40f849..25f69f3f 100644
--- a/wqflask/wqflask/search_results.py
+++ b/wqflask/wqflask/search_results.py
@@ -10,6 +10,7 @@ import time
 import math
 import datetime
 import collections
+import re
 
 from pprint import pformat as pf
 
@@ -64,7 +65,10 @@ views.py).
         else:
             self.and_or = "and"
             self.search_terms = kw['search_terms_and']
-        if "http:" in self.search_terms:
+        search = self.search_terms
+        # check for dodgy search terms
+        regex = re.compile("http:|href|sql|select",re.IGNORECASE)
+        if regex.match(search):
             self.search_term_exists = False
             return
         else:
-- 
cgit v1.2.3