26 lines
1.2 KiB
PHP
26 lines
1.2 KiB
PHP
<?php
|
|
|
|
namespace App\Http\Controllers;
|
|
|
|
use App\Models\Category;
|
|
use App\Models\Product;
|
|
use Illuminate\Http\Request;
|
|
|
|
class MainPageController extends Controller
|
|
{
|
|
public function index(Request $request)
|
|
{
|
|
$query = Product::query()->latest()->limit(100);
|
|
$search = $request->query->get("q");
|
|
if ($search) {
|
|
// O(n) query at best, malicious users can just insert % and _ characters into the query if they wanna, but it's fine half the class left every single field vulnurable to sqli so I don't wanna bother doing this properly with a full text search
|
|
$query = $query->where('name', 'like', "%{$search}%")->orWhere('description', 'like', "%{$search}%");
|
|
}
|
|
$category = $request->query->get("category");
|
|
if ($category) {
|
|
// O(n) query at best, malicious users can just insert % and _ characters into the query if they wanna, but it's fine half the class left every single field vulnurable to sqli so I don't wanna bother doing this properly with a full text search
|
|
$query = $query->whereHas('categories', fn ($b) => $b->where("name","=",$category));
|
|
}
|
|
return view("index", ["products" => $query->get(), "query" => $search]);
|
|
}
|
|
}
|