DebaucheryLibrarian
/
traxxx-web
1
1
Fork 0
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Improved special character handling in manticore and URL query.

This commit is contained in:
DebaucheryLibrarian 2024-04-01 01:50:24 +02:00
parent 56e9d07b85
commit 6f371499d3
7 changed files with 21 additions and 8 deletions

2
components/filters/filters.vue
View File

@ -283,7 +283,7 @@ function toggleFilters(state) {
width: 1.75rem; width: 1.75rem;
display: flex; display: flex;
align-items: center; align-items: center;
justify-content: center; justify-content: flex-end;
padding: 0 .25rem; padding: 0 .25rem;
overflow: hidden; overflow: hidden;
color: var(--shadow-weak-10); color: var(--shadow-weak-10);

1
pages/tags/+Page.vue
View File

@ -46,6 +46,7 @@
<img <img
v-if="tag.poster" v-if="tag.poster"
:src="`/${tag.poster.thumbnail}`" :src="`/${tag.poster.thumbnail}`"
:style="{ 'background-image': `url(/${tag.poster.lazy})` }"
:title="tag.poster.comment" :title="tag.poster.comment"
class="thumb" class="thumb"
loading="lazy" loading="lazy"

5
src/actors.js
View File

@ -7,6 +7,7 @@ import { utilsApi } from './manticore.js';
import { HttpError } from './errors.js'; import { HttpError } from './errors.js';
import { fetchCountriesByAlpha2 } from './countries.js'; import { fetchCountriesByAlpha2 } from './countries.js';
import { curateStash } from './stashes.js'; import { curateStash } from './stashes.js';
import escape from '../utils/escape-manticore.js';
import slugify from '../utils/slugify.js'; import slugify from '../utils/slugify.js';
export function curateActor(actor, context = {}) { export function curateActor(actor, context = {}) {
@ -153,7 +154,7 @@ function curateOptions(options) {
page: options?.page || 1, page: options?.page || 1,
limit: options?.limit || 30, limit: options?.limit || 30,
requireAvatar: options?.requireAvatar || false, requireAvatar: options?.requireAvatar || false,
order: [options.order?.[0] || 'name', options.order?.[1] || 'asc'], order: [escape(options.order?.[0]) || 'name', escape(options.order?.[1]) || 'asc'],
}; };
} }
@ -364,7 +365,7 @@ async function queryManticoreSql(filters, options, _reqUser) {
} }
if (filters.query) { if (filters.query) {
builder.whereRaw('match(\'@name :query:\', actors)', { query: filters.query }); builder.whereRaw('match(\'@name :query:\', actors)', { query: escape(filters.query) });
} }
// attribute filters // attribute filters

2
src/api.js
View File

@ -16,7 +16,7 @@ function getQuery(data) {
const curatedQuery = Object.fromEntries(Object.entries(data).map(([key, value]) => (value === undefined ? null : [key, value])).filter(Boolean)); const curatedQuery = Object.fromEntries(Object.entries(data).map(([key, value]) => (value === undefined ? null : [key, value])).filter(Boolean));
return `?${encodeURI(decodeURIComponent(new URLSearchParams(curatedQuery).toString()))}`; // recode so commas aren't encoded return `?${new URLSearchParams(curatedQuery).toString()}`; // recode so commas aren't encoded
} }
function showFeedback(isSuccess, options = {}, errorMessage) { function showFeedback(isSuccess, options = {}, errorMessage) {

2
src/navigate.js
View File

@ -9,7 +9,7 @@ export default function navigate(path, query, options = {}) {
}).toString(); }).toString();
const url = queryString const url = queryString
? `${path}?${encodeURI(decodeURIComponent(queryString))}` // URLSearchParams encodes commas, we don't want that ? `${path}?${queryString.replace(/%2C/g, ',')}` // URLSearchParams encodes commas, we don't want that
: path; : path;
if (options.redirect) { if (options.redirect) {

6
src/scenes.js
View File

@ -8,6 +8,7 @@ import { fetchActorsById, curateActor, sortActorsByGender } from './actors.js';
import { fetchTagsById } from './tags.js'; import { fetchTagsById } from './tags.js';
import { fetchEntitiesById } from './entities.js'; import { fetchEntitiesById } from './entities.js';
import { curateStash } from './stashes.js'; import { curateStash } from './stashes.js';
import escape from '../utils/escape-manticore.js';
import promiseProps from '../utils/promise-props.js'; import promiseProps from '../utils/promise-props.js';
function curateMedia(media) { function curateMedia(media) {
@ -428,7 +429,7 @@ async function queryManticoreSql(filters, options, _reqUser) {
} }
if (filters.query) { if (filters.query) {
builder.whereRaw('match(\'@!title :query:\', scenes)', { query: filters.query }); builder.whereRaw('match(\'@!title :query:\', scenes)', { query: escape(filters.query) });
} }
filters.tagIds?.forEach((tagId) => { filters.tagIds?.forEach((tagId) => {
@ -492,8 +493,7 @@ async function queryManticoreSql(filters, options, _reqUser) {
} }
}) })
.limit(options.limit) .limit(options.limit)
.offset((options.page - 1) * options.limit) .offset((options.page - 1) * options.limit),
.toString(),
// option threads=1 fixes actors, but drastically slows down performance, wait for fix // option threads=1 fixes actors, but drastically slows down performance, wait for fix
actorsFacet: options.aggregateActors ? knex.raw('facet scenes.actor_ids order by count(*) desc limit ?', [aggSize]) : null, actorsFacet: options.aggregateActors ? knex.raw('facet scenes.actor_ids order by count(*) desc limit ?', [aggSize]) : null,
tagsFacet: options.aggregateTags ? knex.raw('facet scenes.tag_ids order by count(*) desc limit ?', [aggSize]) : null, tagsFacet: options.aggregateTags ? knex.raw('facet scenes.tag_ids order by count(*) desc limit ?', [aggSize]) : null,

11
utils/escape-manticore.js Normal file
View File

@ -0,0 +1,11 @@
// https://manual.manticoresearch.com/Searching/Full_text_matching/Escaping#Escaping-characters-in-query-string
export default function escape(string) {
if (!string) {
return null;
}
return string
.replace(/\\/g, String.raw`\\\\`) // using String.raw so we don't have to double up JS and SQL escaping
.replace(/'/g, String.raw`\'`)
.replace(/(["!$()/<@^|~-])/g, String.raw`\\$1`);
}