/
Search.pm
244 lines (182 loc) · 5.53 KB
/
Search.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
package VegGuide::Role::Controller::Search;
use strict;
use warnings;
use namespace::autoclean;
use Scalar::Util qw( looks_like_number );
use URI::FromHash qw( uri );
use URI::QueryParam;
use Moose::Role;
sub _set_search_in_stash {
my $self = shift;
my $c = shift;
my %config = @_;
my $path = $config{path_query};
$path ||= $c->request()->captures()->[ $config{captured_path_position} ]
if exists $config{captured_path_position};
my $search = $self->_search_from_request(
$c,
$path,
$config{search_class},
{ $self->_extra_search_params( $c, $config{extra_params} ) },
);
return unless $self->_set_search_cursor_params( $c, $search );
my $stash = $c->stash();
$stash->{search} = $search;
$stash->{pager} = $search->pager();
return;
}
sub _set_map_search_in_stash {
my $self = shift;
my $c = shift;
my %config = @_;
my %extra = $self->_extra_search_params( $c, $config{extra_params} );
$extra{mappable_only} = 1;
my $path = $config{path_query};
$path ||= $c->request()->captures()->[ $config{captured_path_position} ]
if exists $config{captured_path_position};
my $search = $self->_search_from_request(
$c,
$path,
$config{search_class},
\%extra,
);
$search->set_cursor_params(
order_by => 'name',
sort_order => 'ASC',
page => 1,
limit => 0,
);
my $stash = $c->stash();
$stash->{search} = $search;
return;
}
sub _set_printable_search_in_stash {
my $self = shift;
my $c = shift;
my %config = @_;
my $path = $config{path_query};
$path ||= $c->request()->captures()->[ $config{captured_path_position} ]
if exists $config{captured_path_position};
my $search = $self->_search_from_request(
$c, $path,
$config{search_class}, {
$self->_extra_search_params( $c, $config{extra_params} ),
allow_closed => 0,
},
);
$search->set_cursor_params(
order_by => 'name',
sort_order => 'ASC',
page => 1,
limit => 0,
);
my $stash = $c->stash();
$stash->{search} = $search;
return;
}
sub _extra_search_params {
my $self = shift;
my $c = shift;
my $extra = shift;
return unless $extra;
return $extra->($c);
}
sub _search_from_request {
my $self = shift;
my $c = shift;
my $path = shift;
my $class = shift;
my $extra = shift;
my %p = (
$self->_params_from_path_query($path),
%{ $c->request()->parameters() },
%{ $extra || {} },
);
$self->_redirect_on_bad_request( $c, $class, %p );
delete $p{$_} for grep {/^possible/} keys %p;
delete @p{qw( order_by sort_order page limit )};
delete $p{'ie-hack'};
# used for forcing a JSON response
delete $p{'content-type'};
return $class->new(%p);
}
sub _redirect_on_bad_request {
my $self = shift;
my $c = shift;
my $class = shift;
my %p = @_;
if ( $p{sort} || $p{q} || $p{url} ) {
# Noise from COK Veg* redirects
my $uri = $c->request()->uri();
$uri->query_param_delete($_) for $uri->query_param();
$c->redirect_and_detach( $uri, 301 );
}
# Some l33t hacker bot keeps trying to stick links in these
# parameters
if ( grep { defined && /^http/ }
@p{ 'order_by', 'sort_order', 'page', 'limit' } ) {
$c->redirect_and_detach( q{/}, 301 );
}
# More l33t hackers
if ( grep { /\.\./ || /_ult/ } keys %p ) {
$c->redirect_and_detach( q{/}, 301 );
}
if ( $class =~ /ByLatLong/ && ! exists $p{address} ) {
$c->redirect_and_detach( q{/}, 301 );
}
my @bad_keys = qw( location_id new_query amp from );
# Some bad redirects pointed bots to these URIs and now they keep
# trying them -
# /region/706?page=1&sort_order=DESC&order_by=Rating&location_id=706
# and some are still including new_query=1
#
# weather.com generates links with from=search_webresults<1> in the query
# string (wtf)
if ( grep { exists $p{$_} } @bad_keys ) {
my $p = $c->request()->parameters();
delete @{$p}{@bad_keys};
my $path = uri(
path => '/' . $c->request()->path(),
query => $p,
);
$c->redirect_and_detach( $path, 301 );
}
}
sub _set_search_cursor_params {
my $self = shift;
my $c = shift;
my $search = shift;
my $params = $c->request()->parameters();
my $page = $params->{page} || 1;
if ( $page =~ /\D/ ) {
$c->redirect_and_detach( $search->uri(1) );
}
my $limit = $params->{limit} || $c->vg_user()->entries_per_page();
$limit = 20 unless looks_like_number($limit);
$limit = 100 if $limit > 100;
my %p = (
page => $page,
limit => $limit,
);
for my $k (qw( order_by sort_order )) {
$p{$k} = $params->{$k}
if defined $params->{$k};
}
$search->set_cursor_params(%p);
if ( ( $page - 1 ) * $limit > $search->count() ) {
$c->redirect_and_detach( $search->uri(1) );
}
return 1;
}
sub _search_post {
my $self = shift;
my $c = shift;
my $is_map = shift;
my $meth = $is_map ? '_set_map_search_in_stash' : '_set_search_in_stash';
$self->$meth( $c, @_ );
my $search = $c->stash()->{search};
return unless $search;
my $uri_meth = $is_map ? 'map_uri' : 'uri';
$c->response()->redirect( $search->$uri_meth() );
}
1;