From ac5d242f6d02246fa95e04c9c6729e72f5599e23 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Wed, 9 Apr 2025 12:53:51 -0400 Subject: [PATCH] some req.query fixes --- src/controllers/search.js | 21 +++++++++++---------- src/controllers/unread.js | 4 ++-- src/middleware/headers.js | 2 ++ src/routes/write/posts.js | 5 ++++- 4 files changed, 19 insertions(+), 13 deletions(-) diff --git a/src/controllers/search.js b/src/controllers/search.js index 8b21189e7d..081118dcc5 100644 --- a/src/controllers/search.js +++ b/src/controllers/search.js @@ -32,10 +32,11 @@ searchController.search = async function (req, res, next) { 'search:content': privileges.global.can('search:content', req.uid), 'search:tags': privileges.global.can('search:tags', req.uid), }); - req.query.in = req.query.in || meta.config.searchDefaultIn || 'titlesposts'; - let allowed = (req.query.in === 'users' && userPrivileges['search:users']) || - (req.query.in === 'tags' && userPrivileges['search:tags']) || - (req.query.in === 'categories') || + const query = { ...req.query }; + query.in = req.query.in || meta.config.searchDefaultIn || 'titlesposts'; + let allowed = (query.in === 'users' && userPrivileges['search:users']) || + (query.in === 'tags' && userPrivileges['search:tags']) || + (query.in === 'categories') || (['titles', 'titlesposts', 'posts', 'bookmarks'].includes(req.query.in) && userPrivileges['search:content']); ({ allowed } = await plugins.hooks.fire('filter:search.isAllowed', { uid: req.uid, @@ -47,20 +48,20 @@ searchController.search = async function (req, res, next) { } if (req.query.categories && !Array.isArray(req.query.categories)) { - req.query.categories = [req.query.categories]; + query.categories = [req.query.categories]; } if (req.query.hasTags && !Array.isArray(req.query.hasTags)) { - req.query.hasTags = [req.query.hasTags]; + query.hasTags = [req.query.hasTags]; } const data = { query: req.query.term, - searchIn: req.query.in, + searchIn: query.in, matchWords: req.query.matchWords || 'all', postedBy: req.query.by, - categories: req.query.categories, + categories: query.categories, searchChildren: req.query.searchChildren, - hasTags: req.query.hasTags, + hasTags: query.hasTags, replies: validator.escape(String(req.query.replies || '')), repliesFilter: validator.escape(String(req.query.repliesFilter || '')), timeRange: validator.escape(String(req.query.timeRange || '')), @@ -70,7 +71,7 @@ searchController.search = async function (req, res, next) { page: page, itemsPerPage: req.query.itemsPerPage, uid: req.uid, - qs: req.query, + qs: query, }; const [searchData] = await Promise.all([ diff --git a/src/controllers/unread.js b/src/controllers/unread.js index 871f3252c0..b74ec67aa4 100644 --- a/src/controllers/unread.js +++ b/src/controllers/unread.js @@ -59,8 +59,8 @@ unreadController.get = async function (req, res) { }); if (userSettings.usePagination && (page < 1 || page > data.pageCount)) { - req.query.page = Math.max(1, Math.min(data.pageCount, page)); - return helpers.redirect(res, `/unread?${querystring.stringify(req.query)}`); + const query = { ...req.query, page: Math.max(1, Math.min(data.pageCount, page))}; + return helpers.redirect(res, `/unread?${querystring.stringify(query)}`); } data.canPost = canPost; data.showSelect = true; diff --git a/src/middleware/headers.js b/src/middleware/headers.js index e424f8af95..5a6f3e2681 100644 --- a/src/middleware/headers.js +++ b/src/middleware/headers.js @@ -86,6 +86,7 @@ module.exports = function (middleware) { if (req.query.lang) { const langs = await listCodes(); if (!langs.includes(req.query.lang)) { + // TODO: cant set req.query.lang req.query.lang = meta.config.defaultLang; } return next(); @@ -97,6 +98,7 @@ module.exports = function (middleware) { if (!lang) { return next(); } + // TODO: cant set req.query.lang req.query.lang = lang; } diff --git a/src/routes/write/posts.js b/src/routes/write/posts.js index 13a55da0d6..7ff361aea3 100644 --- a/src/routes/write/posts.js +++ b/src/routes/write/posts.js @@ -51,7 +51,10 @@ module.exports = function () { // Shorthand route to access post routes by topic index // TODO: upgrade to express 5 - // router.all('/+byIndex/:index*?', [middleware.checkRequired.bind(null, ['tid'])], controllers.write.posts.redirectByIndex); + + // router.all('/+byIndex/:index*?', [ + // middleware.checkRequired.bind(null, ['tid']), + // ], controllers.write.posts.redirectByIndex); return router; };