oat/crystal-gauntlet
oat
/
crystal-gauntlet
1
0
Fork 1
Code Issues 11 Pull Requests Packages Projects Releases Wiki Activity

make search queries & level id lookups work

This commit is contained in:
Jill 2023-01-02 17:06:32 +03:00
parent 551bc7cbcf
commit 903a7dd869
1 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/endpoints/levels/getLevels.cr
View File

@ -19,6 +19,16 @@ CrystalGauntlet.endpoints["/getGJLevels21.php"] = ->(body : String): String {
searchQuery = params["str"]? || ""
if searchQuery != ""
if searchQuery.to_i?
queryParams << "levels.id = #{searchQuery.to_i}"
else
# no sql injections to see here; clean_char only leaves A-Za-z0-9 intact
# todo: make this configurable w/ fuzzy search
queryParams << "levels.name like \"#{Clean.clean_char(searchQuery)}%\""
end
end
# filters
if params["featured"]? == "1"
queryParams << "featured = 1"
@ -132,8 +142,6 @@ CrystalGauntlet.endpoints["/getGJLevels21.php"] = ->(body : String): String {
# todo
end
# todo: search query
where_str = "where (#{queryParams.join(") and (")})"
# todo: switch join users to left join to avoid losing levels to the shadow realm after a user vanishes
query_base = "from levels join users on levels.user_id = users.id left join map_pack_links on map_pack_links.level_id = levels.id #{where_str} order by #{order}"