Display and search categories

bad 2021-12-15 18:57:03 +01:00
parent 9fcdd131c8
commit e21fa78f15
3 changed files with 22 additions and 13 deletions


@ -33,13 +33,11 @@ class CartController extends Controller
$user->cart()->syncWithoutDetaching([$product->uuid]); $user->cart()->syncWithoutDetaching([$product->uuid]);
$quantity = $request->validate([ $quantity = $request->validate([
'quantity' => 'numeric|min:1' 'quantity' => 'numeric|min:1'
])["quantity"]; ])["quantity"] ?? 1;
if($quantity) {
$pivot = $user->cart()->findOrFail($product->uuid)->pivot; $pivot = $user->cart()->findOrFail($product->uuid)->pivot;
$pivot->quantity = $quantity; $pivot->quantity = $quantity;
$pivot->save(); $pivot->save();
}
return back(); return back();
} }
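Review bot: The `quantity` rule `numeric|min:1` accepts fractional and exponent-form values (for example `1.5` or `1e9`) and sets no upper bound, and with the `if($quantity)` guard removed, whatever passes validation is always written to the pivot. Validation also runs after `syncWithoutDetaching`, so a rejected request has already attached the product to the cart. I would move the `validate` call above the sync and tighten the rule to `'quantity' => 'integer|min:1|max:<limit>'`, where `<limit>` is a project-chosen placeholder. A request without `quantity` now resets an existing cart line to 1 instead of leaving it unchanged, which may not be intended. The method starts above this hunk, so its authorization cannot be judged from here.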


@ -2,6 +2,7 @@
namespace App\Http\Controllers; namespace App\Http\Controllers;
use App\Models\Category;
use App\Models\Product; use App\Models\Product;
use Illuminate\Http\Request; use Illuminate\Http\Request;
@ -9,13 +10,17 @@ class MainPageController extends Controller
{ {
public function index(Request $request) public function index(Request $request)
{ {
$query = $request->query->get("q"); $query = Product::query()->latest()->limit(100);
if ($query) { $search = $request->query->get("q");
if ($search) {
// O(n) query at best, malicious users can just insert % and _ characters into the query if they wanna, but it's fine half the class left every single field vulnurable to sqli so I don't wanna bother doing this properly with a full text search // O(n) query at best, malicious users can just insert % and _ characters into the query if they wanna, but it's fine half the class left every single field vulnurable to sqli so I don't wanna bother doing this properly with a full text search
$products = Product::query()->where('name', 'like', "%{$query}%")->orWhere('description', 'like', "?")->latest()->limit(100)->get(); $query = $query->where('name', 'like', "%{$search}%")->orWhere('description', 'like', "%{$search}%");
} else {
$products = Product::query()->latest()->limit(100)->get();
} }
return view("index", ["products" => $products, "query" => $query]); $category = $request->query->get("category");
if ($category) {
// O(n) query at best, malicious users can just insert % and _ characters into the query if they wanna, but it's fine half the class left every single field vulnurable to sqli so I don't wanna bother doing this properly with a full text search
$query = $query->whereHas('categories', fn ($b) => $b->where("name","=",$category));
}
return view("index", ["products" => $query->get(), "query" => $search]);
} }
} }
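Review bot: The category filter is appended to an ungrouped `where(...)->orWhere(...)`, so the condition evaluates as `name LIKE ? OR (description LIKE ? AND EXISTS ...)` and products whose name matches are returned whatever the `category` parameter says. Wrap the search pair in a closure before adding `whereHas`, e.g. `$query->where(fn ($b) => $b->where('name', 'like', $like)->orWhere('description', 'like', $like))`. The values are bound by the query builder, so this is not SQL injection, but `%` and `_` in `q` still act as wildcards and can force broad scans; building `$like` from `addcslashes($search, '%_\\')` would neutralise them. The comment copied above the `whereHas` call does not apply there, because that clause is an exact `=` match, and should be replaced with one describing the category filter.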


@ -18,6 +18,12 @@
<h2 class="product-name"> {{ $product->name }} </h2> <h2 class="product-name"> {{ $product->name }} </h2>
<h3>{{ ($product->price) }}<span class="price-currency"></span></h3> <h3>{{ ($product->price) }}<span class="price-currency"></span></h3>
</div> </div>
<div class="categories">
@foreach($product->categories as $category)
<a href="{{ route("main", ['category' => $category->name]) }}"> {{ $category->name }} </a>
@endforeach
</div>
<div class="product-commands"> <div class="product-commands">
@auth @auth
@if(!Auth::user()->cart()->find($product)) @if(!Auth::user()->cart()->find($product))