Implemented search
This commit is contained in:
parent
69555d4444
commit
1dd4e5eff3
|
|
@ -1,5 +1,10 @@
|
||||||
{% extends 'base.html' %}
|
{% extends 'base.html' %}
|
||||||
{% block content %}
|
{% block content %}
|
||||||
|
{% if search_query %}
|
||||||
|
<div class="row mx-2">
|
||||||
|
<h3>Results for {{ search_query }}</h3>
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
{% if items %}
|
{% if items %}
|
||||||
<div class="row mx-2">
|
<div class="row mx-2">
|
||||||
{% for item in items %}
|
{% for item in items %}
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,11 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python3
|
||||||
from flask import render_template
|
from flask import render_template, request
|
||||||
from flask_classful import FlaskView
|
from flask_classful import FlaskView
|
||||||
|
|
||||||
from models import Item
|
from models import Item
|
||||||
|
|
||||||
|
import bleach
|
||||||
|
|
||||||
"""
|
"""
|
||||||
Index VIEW
|
Index VIEW
|
||||||
"""
|
"""
|
||||||
|
|
@ -15,9 +17,16 @@ __version__text__ = "1"
|
||||||
|
|
||||||
|
|
||||||
class IndexView(FlaskView):
|
class IndexView(FlaskView):
|
||||||
|
|
||||||
route_base = '/'
|
route_base = '/'
|
||||||
|
|
||||||
def index(self):
|
def index(self):
|
||||||
|
search_query = request.args.get('search')
|
||||||
|
|
||||||
|
if search_query:
|
||||||
|
search_query = bleach.clean(search_query, tags=[])
|
||||||
|
# https://stackoverflow.com/questions/31949733/is-a-sqlalchemy-query-vulnerable-to-injection-attacks/31949750#31949750
|
||||||
|
items = Item.query.filter(Item.name.ilike(f"%{search_query}%")).all()
|
||||||
|
else:
|
||||||
items = Item.query.all()
|
items = Item.query.all()
|
||||||
return render_template("index.html", items=items)
|
|
||||||
|
return render_template("index.html", items=items, search_query=search_query)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue