Implemented search

This commit is contained in:
Pünkösd Marcell 2020-11-29 02:27:36 +01:00
parent 69555d4444
commit 1dd4e5eff3
2 changed files with 18 additions and 4 deletions

View File

@ -1,5 +1,10 @@
{% extends 'base.html' %}
{% block content %}
{% if search_query %}
<div class="row mx-2">
<h3>Results for {{ search_query }}</h3>
</div>
{% endif %}
{% if items %}
<div class="row mx-2">
{% for item in items %}

View File

@ -1,9 +1,11 @@
#!/usr/bin/env python3
from flask import render_template
from flask import render_template, request
from flask_classful import FlaskView
from models import Item
import bleach
"""
Index VIEW
"""
@ -15,9 +17,16 @@ __version__text__ = "1"
class IndexView(FlaskView):
route_base = '/'
def index(self):
search_query = request.args.get('search')
if search_query:
search_query = bleach.clean(search_query, tags=[])
# https://stackoverflow.com/questions/31949733/is-a-sqlalchemy-query-vulnerable-to-injection-attacks/31949750#31949750
items = Item.query.filter(Item.name.ilike(f"%{search_query}%")).all()
else:
items = Item.query.all()
return render_template("index.html", items=items)
return render_template("index.html", items=items, search_query=search_query)