Refactor and secure public search. Table now sortable

phl0 2023-07-13 16:43:17 +02:00
父节点 b54b13d9aa
当前提交 5d787c0360
找不到此签名对应的密钥
GPG 密钥 ID: 48EA1E640798CA9A
共有 5 个文件被更改,包括 89 次插入38 次删除


@ -467,20 +467,21 @@ class Visitor extends CI_Controller {
} }
public function search() { public function search() {
$slug = $this->security->xss_clean($this->uri->segment(3)); $callsign = $this->security->xss_clean($this->input->post('callsign'));
$callsign = $this->security->xss_clean($this->uri->segment(4)); $public_slug = $this->security->xss_clean($this->input->post('public_slug'));
$this->load->model('publicsearch'); $this->load->model('publicsearch');
$result = $this->publicsearch->search($slug, $callsign); $result = $this->publicsearch->search($public_slug, $callsign);
$this->search_result($result, $callsign);
}
private function search_result($search_results, $callsign) {
$data['callsign'] = $callsign; $data['callsign'] = $callsign;
if ($search_results->num_rows() > 0) { $data['slug'] = $public_slug;
$data['results'] = $search_results; if (!empty($result) && $result->num_rows() > 0) {
$data['results'] = $result;
$this->load->view('visitor/layout/header', $data);
$this->load->view('public_search/result.php', $data); $this->load->view('public_search/result.php', $data);
$this->load->view('visitor/layout/footer');
} else { } else {
$this->load->view('visitor/layout/header', $data);
$this->load->view('public_search/empty.php', $data); $this->load->view('public_search/empty.php', $data);
$this->load->view('visitor/layout/footer');
} }
} }
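Review bot: `search()` hands the POSTed `callsign` and `public_slug` to the model after `xss_clean()` only, and that call is an output-oriented filter rather than input validation. A request that lacks either field still reaches `publicsearch->search()` with empty values. I would stop that before the model call with `if (empty($callsign) || empty($public_slug)) { show_404(); return; }`. A short comment above `$data['slug'] = $public_slug;` noting that the slug is now client-supplied and must be escaped by the views that print it would also help.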


@ -3,6 +3,7 @@
class Publicsearch extends CI_Model { class Publicsearch extends CI_Model {
function search($slug, $callsign) { function search($slug, $callsign) {
if ($this->public_search_enabled($slug)) {
$userid = $this->get_userid_for_slug($slug); $userid = $this->get_userid_for_slug($slug);
$this->db->where('COL_CALL', $callsign); $this->db->where('COL_CALL', $callsign);
$this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id'); $this->db->join('station_profile', 'station_profile.station_id = '.$this->config->item('table_name').'.station_id');
@ -10,18 +11,28 @@ class Publicsearch extends CI_Model {
$this->db->where('station_profile.user_id', $userid); $this->db->where('station_profile.user_id', $userid);
$this->db->order_by('COL_TIME_ON', 'DESC'); $this->db->order_by('COL_TIME_ON', 'DESC');
$query = $this->db->get($this->config->item('table_name')); $query = $this->db->get($this->config->item('table_name'));
return $query; return $query;
} }
return false;
}
function get_userid_for_slug($slug) { function get_userid_for_slug($slug) {
$this->db->select('user_id'); $this->db->select('user_id');
$this->db->where('public_slug', $slug); $this->db->where('public_slug', $slug);
$query = $this->db->get('station_logbooks'); $query = $this->db->get('station_logbooks');
return $query->result_array()[0]['user_id']; return $query->result_array()[0]['user_id'];
} }
function public_search_enabled($slug) {
$this->db->select('public_search');
$this->db->where('public_slug', $slug);
$query = $this->db->get('station_logbooks');
if ($query->result_array()[0]['public_search'] == 1) {
return true;
}
return false;
}
} }
?> ?>
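Review bot: `public_search_enabled()` reads `$query->result_array()[0]['public_search']` without checking that a row came back, and `get_userid_for_slug()` does the same. The slug is now a POSTed value, so an unknown slug hits an undefined offset and only reaches `return false` through PHP's warning behaviour. Using `$row = $query->row();` followed by `return $row !== null && (int) $row->public_search === 1;` makes the no-match case explicit. The two helpers also query `station_logbooks` twice for the same slug and could select `user_id, public_search` in one call. A docblock on `search()` saying it returns the query result, or `false` when public search is disabled for the slug, would document the new contract for callers.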


@ -7,7 +7,7 @@
if ($results) { ?> if ($results) { ?>
<div class="table-responsive"> <div class="table-responsive">
<table style="width:100%" class="table contacttable table-striped table-hover"> <table style="width:100%" id="publicsearchtable" class="publicsearchtable table table-sm table-striped table-hover">
<thead> <thead>
<tr class="titles"> <tr class="titles">
<th><?php echo lang('general_word_date'); ?></th> <th><?php echo lang('general_word_date'); ?></th>


@ -52,20 +52,6 @@
}); });
</script> </script>
<script type="text/javascript">
function publicSearchButtonPress(){
event.preventDefault()
if ($('#callsign').val()) {
let fixedcall = $('#callsign').val();
$('#map').hide();
$('#container').hide();
$('#partial_view').load("search/<?php echo $slug ?>/" + fixedcall.replace('Ø', '0'), function() {
$('[data-toggle="tooltip"]').tooltip()
});
}
}
</script>
<?php if ($this->uri->segment(2) == "satellites") { ?> <?php if ($this->uri->segment(2) == "satellites") { ?>
@ -212,5 +198,58 @@
<?php } ?> <?php } ?>
<?php } ?> <?php } ?>
</script> </script>
<?php if ($this->CI->public_search_enabled($slug) || $this->session->userdata('user_type') >= 2) { ?>
<script type="text/javascript" src="<?php echo base_url(); ?>assets/js/datatables.min.js"></script>
<script type="text/javascript" src="<?php echo base_url(); ?>assets/js/dataTables.buttons.min.js"></script>
<script type="text/javascript" src="<?php echo base_url(); ?>assets/js/moment.min.js"></script>
<script type="text/javascript" src="<?php echo base_url(); ?>assets/js/datetime-moment.js"></script>
<script>
<?php switch($this->config->item('qso_date_format')) {
case 'd/m/y': $usethisformat = 'D/MM/YY';break;
case 'd/m/Y': $usethisformat = 'D/MM/YYYY';break;
case 'm/d/y': $usethisformat = 'MM/D/YY';break;
case 'm/d/Y': $usethisformat = 'MM/D/YYYY';break;
case 'd.m.Y': $usethisformat = 'D.MM.YYYY';break;
case 'y/m/d': $usethisformat = 'YY/MM/D';break;
case 'Y-m-d': $usethisformat = 'YYYY-MM-D';break;
case 'M d, Y': $usethisformat = 'MMM D, YYYY';break;
case 'M d, y': $usethisformat = 'MMM D, YY';break;
default: $usethisformat = 'YYYY-MM-D';
} ?>
$.fn.dataTable.moment('<?php echo $usethisformat ?>');
$.fn.dataTable.ext.buttons.clear = {
className: 'buttons-clear',
action: function ( e, dt, node, config ) {
dt.search('').draw();
}
};
$('#publicsearchtable').DataTable({
"pageLength": 25,
responsive: false,
ordering: true,
"scrollY": "500px",
"scrollCollapse": true,
"paging": false,
"scrollX": true,
"order": [ 0, 'desc' ],
dom: 'Bfrtip',
buttons: [
{
extend: 'csv'
},
{
extend: 'clear',
text: 'Clear'
}
]
});
// change color of csv-button if dark mode is chosen
if (isDarkModeTheme()) {
$('[class*="buttons"]').css("color", "white");
}
</script>
<?php } ?>
</body> </body>
</html> </html>
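Review bot: The new footer block opening with `<?php if ($this->CI->public_search_enabled($slug) || ...) { ?>` is not wrapped in the `!empty($slug)` check that the header view uses, and it relies on `$this->CI` having been assigned in that header. If this footer is ever rendered without a slug, or after a different header, the call would presumably fail on an undefined variable or a null object. I would write the condition as `<?php if (!empty($slug) && (get_instance()->public_search_enabled($slug) || $this->session->userdata('user_type') >= 2)) { ?>`. The `$usethisformat` value echoed into the script is fine as written, since it only comes from the fixed `switch`.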


@ -76,10 +76,10 @@
<?php if (!empty($slug)) { <?php if (!empty($slug)) {
$this->CI =& get_instance(); $this->CI =& get_instance();
if ($this->CI->public_search_enabled($slug) || $this->session->userdata('user_type') >= 2) { ?> if ($this->CI->public_search_enabled($slug) || $this->session->userdata('user_type') >= 2) { ?>
<form method="post" action="" class="form-inline"> <form method="post" action="<?php echo site_url('visitor/search'); ?>" class="form-inline">
<input class="form-control mr-sm-2" id="callsign" type="search" name="callsign" placeholder="<?php echo lang('menu_search_text'); ?>" style="text-transform: uppercase;" aria-label="Search"> <input class="form-control mr-sm-2" id="callsign" type="search" name="callsign" placeholder="<?php echo lang('menu_search_text'); ?>" style="text-transform: uppercase;" aria-label="Search">
<input type="hidden" name="public_slug" value="<?php echo $slug; ?>">
<button onclick="publicSearchButtonPress()" class="btn btn-outline-success my-2 my-sm-0" type="submit"><i class="fas fa-search"></i> <?php echo lang('menu_search_button'); ?></button> <button class="btn btn-outline-success my-2 my-sm-0" type="submit"><i class="fas fa-search"></i> <?php echo lang('menu_search_button'); ?></button>
</form> </form>
<?php } <?php }
} ?> } ?>
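Review bot: The added hidden field prints `$slug` raw inside an attribute, `value="<?php echo $slug; ?>"`. After this commit `search()` fills `$data['slug']` from the POSTed `public_slug`, which has only been through `xss_clean()`, and this is presumably the header view that `search()` loads. That filter is not an attribute encoder, so the value should be escaped at output: `value="<?php echo html_escape($slug); ?>"`. If CSRF protection is enabled in the application config, this hand-written POST form also needs the token field, which CodeIgniter's `form_open()` would add; the config is not visible from this hunk.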