[dw-free] sanitize GET URLs in directory.bml
[commit: http://hg.dwscoalition.org/dw-free/rev/3ec2525b0c3e]
http://bugs.dwscoalition.org/show_bug.cgi?id=3354
New function LJ::page_change_getargs that replaces BML functions. New option
'no_blank' for LJ::create_url.
Patch by
kareila.
Files modified:
http://bugs.dwscoalition.org/show_bug.cgi?id=3354
New function LJ::page_change_getargs that replaces BML functions. New option
'no_blank' for LJ::create_url.
Patch by
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
Files modified:
- cgi-bin/DW/Controller/Search/Interests.pm
- cgi-bin/weblib.pl
- htdocs/directory.bml
-------------------------------------------------------------------------------- diff -r 7f71600083e9 -r 3ec2525b0c3e cgi-bin/DW/Controller/Search/Interests.pm --- a/cgi-bin/DW/Controller/Search/Interests.pm Mon Jan 03 11:11:16 2011 -0600 +++ b/cgi-bin/DW/Controller/Search/Interests.pm Mon Jan 03 15:51:45 2011 -0600 @@ -318,12 +318,14 @@ sub interest_handler { && $should_show->( $_ ) # and should show to the remote user } values %$us; my $navbar; + my $self_link = sub { LJ::page_change_getargs( page => $_[0] ) }; my $results = LJ::user_search_display( users => \@ul, timesort => 1, perpage => 50, curpage => exists $args->{page} ? $args->{page} : 1, + self_link => $self_link, navbar => \$navbar ); $rv->{int_users} = { count => scalar( @ul ), navbar => $navbar, diff -r 7f71600083e9 -r 3ec2525b0c3e cgi-bin/weblib.pl --- a/cgi-bin/weblib.pl Mon Jan 03 11:11:16 2011 -0600 +++ b/cgi-bin/weblib.pl Mon Jan 03 15:51:45 2011 -0600 @@ -436,7 +436,22 @@ sub paging_bar { return "<div class='action-box'>$nav</div>\n"; } -# drop-in replacement for BML::paging in non-BML context +=head2 C<< LJ::page_change_getargs( %args ) >> +Returns the current URL with a modified list of GET arguments. +=cut + +sub page_change_getargs { + my %args = @_; + my %cu_opts = ( keep_args => 1, no_blank => 1 ); + + # specified args will override keep_args + return LJ::create_url( undef, args => \%args, %cu_opts ); +} + +=head2 C<< LJ::paging( $listref, $page, $pagesize ) >> +Drop-in replacement for BML::paging in non-BML context. +=cut + sub paging { my ( $listref, $page, $pagesize ) = @_; $page = 1 unless $page && $page == int $page; 
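Review bot: `$self_link` hands the return value of `LJ::page_change_getargs` to `LJ::user_search_display` with no HTML escaping, whereas both directory.bml call sites in this commit wrap the same call in `LJ::ehtml`. Because the helper passes `keep_args => 1`, the URL appears to carry the current request's GET arguments. If user_search_display (not visible here) interpolates the link into an attribute as-is, safety rests entirely on what `LJ::encode_url_string` percent-encodes, and the `&` separators reach the markup unescaped. The same applies to `$newurl` in `LJ::paging` in weblib.pl. Either confirm that both consumers escape the link, or escape at the source, e.g. `my $self_link = sub { LJ::ehtml( LJ::page_change_getargs( page => $_[0] ) ) };`.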
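Review bot: The POD for `LJ::page_change_getargs` does not state the contract its callers depend on. The body forwards `keep_args => 1` and `no_blank => 1` to `LJ::create_url`, so presumably the current GET arguments are kept and passed arguments override them. An argument passed as an empty string is removed from the result, which directory.bml relies on. The POD should also say that the return value is a URL, not HTML. Suggested addition after the first POD sentence: `Arguments passed with an empty value are removed from the URL. The result is not HTML-escaped; wrap it in LJ::ehtml before embedding it in a page.`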
@@ -446,17 +461,7 @@ sub paging { my $newurl = sub { # replaces BML::page_newurl - my $page = $_[0]; - my $r = DW::Request->get; - my $args = $r->get_args; - my ( $url ) = split /\?/, $r->uri; - my @pair = (); - - foreach ( sort grep { $_ ne "page" } keys %$args ) { - push @pair, ( LJ::eurl( $_ ) . "=" . LJ::eurl( $args->{$_} ) ); - } - push @pair, "page=$page"; - return $url . "?" . join( "&", @pair ); + return LJ::page_change_getargs( page => $_[0] ); }; $self{itemcount} = scalar @items; @@ -1201,6 +1206,7 @@ fragment -- add fragment identifier fragment -- add fragment identifier cur_args -- hashref of current GET arguments to the page keep_args -- arguments to keep +no_blank -- remove keys with null values from GET args viewing_style -- include viewing style args =cut @@ -1237,10 +1243,14 @@ sub create_url { } foreach my $k ( keys %out_args ) { - delete $out_args{$k} unless defined $out_args{$k}; + if ( ! defined $out_args{$k} ) { + delete $out_args{$k}; + } elsif ( ! length $out_args{$k} ) { + delete $out_args{$k} if $opts{no_blank}; + } } - my $args = encode_url_string( \%out_args ); + my $args = LJ::encode_url_string( \%out_args, [ sort keys %out_args ] ); $url .= "?$args" if $args; $url .= "#" . $opts{fragment} if $opts{fragment}; diff -r 7f71600083e9 -r 3ec2525b0c3e htdocs/directory.bml --- a/htdocs/directory.bml Mon Jan 03 11:11:16 2011 -0600 +++ b/htdocs/directory.bml Mon Jan 03 15:51:45 2011 -0600 @@ -179,10 +179,8 @@ body<= # do a refresh to the page with the finished results. # this will display some nice text to the user while they wait # for their results. - my ($uri, $args) = (BML::get_uri(), BML::get_query_string()); - $uri .= '?' . $args if $args; - my $refurl = LJ::ehtml($LJ::SITEROOT . $uri); - $refurl .= ($args ? "&" : "?") . 'start_search=1'; + + my $refurl = LJ::ehtml( LJ::page_change_getargs( start_search => 1 ) ); $headextra = "<meta http-equiv='Refresh' content='1;URL=$refurl' id='refresher' />"; my $dots = LJ::img( 'searchdots', '' ); 
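Review bot: The new `no_blank` POD entry says it removes keys with "null values", but the loop in `create_url` treats two cases differently. Undefined values are always deleted, and `no_blank` only adds removal of zero-length strings; a value of `0` is kept because its `length` is 1. Wording such as `no_blank -- also remove keys whose value is the empty string (undef is always removed)` would match the code. The branch could also be one statement: `delete $out_args{$k} if ! defined $out_args{$k} || ( $opts{no_blank} && ! length $out_args{$k} );`. create_url begins and ends outside the hunk.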
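Review bot: The removed code built the refresh target from `$LJ::SITEROOT`, while `$refurl` now gets its scheme and host from whatever `LJ::create_url( undef, ... )` chooses, and that part of create_url is not in this diff. If it derives the host from the request's Host header, the meta refresh would point at a client-supplied host rather than the configured site root. The same would hold for `$filter_url` in the next hunk. It is worth confirming that the host comes from site configuration or is validated against it, or pinning it explicitly at these two call sites. The `LJ::ehtml` wrapping before interpolation into `content='1;URL=$refurl'` should stay as it is.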
@@ -211,16 +209,9 @@ body<= <?h1 $ML{'.search_results'} h1?> }; - - my ( $uri, $args ) = ( BML::get_uri(), BML::get_query_string() ); - - $args =~ s/(\?|\&)page=\d*//gi; - $args =~ s/(\?|\&)journaltype=[CPI]?//gi; - $args =~ s/(\?|\&)start_search=\d*//gi; - $uri .= '?' . $args if $args; - - my $filter_url = LJ::ehtml( $LJ::SITEROOT . $uri ); - $filter_url .= ($args ? "&" : "?") . 'start_search=1'; + my $filter_url = LJ::ehtml( LJ::page_change_getargs( start_search => 1, + journaltype => '', + page => '' ) ); my $all_search = "$ML{'.new_all_search'}"; $all_search = "<a href='$filter_url'>$all_search</a>" --------------------------------------------------------------------------------
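Review bot: Passing `journaltype => ''` and `page => ''` removes those arguments only because `LJ::page_change_getargs` sets `no_blank`. Nothing at the call site says so, and a reader could take it as setting them to empty values. A short comment would make the intent explicit: `# empty values drop journaltype and page from the kept GET args (no_blank)`. The removed regexes also matched `page=` and `journaltype=` case-insensitively (`/gi`), while overriding by hash key is presumably exact-case. A request using `Page=` would then keep that argument, which is likely harmless but is a behavior change.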