[FEATURE] Overwrite maximum number of Indexed Search results. 10/50110/7
authorKarol Lamparski <klamparski@gmail.com>
Fri, 7 Oct 2016 15:46:52 +0000 (17:46 +0200)
committerChristian Kuhn <lolli@schwarzbu.ch>
Wed, 26 Oct 2016 14:50:30 +0000 (16:50 +0200)
TypoScript setting
`plugin.tx_indexedsearch.settings.blind.numberOfResults`
receives a comma separated list of integer values. If number of results
sent in request does not match any value from this list,
default (first) value will be used to keep DoS attack protection.

Values from `plugin.tx_indexedsearch.settings.blind.numberOfResults`
are used as options in the select box in advanced search mode.
To keep backward compatibility default values are 10, 25, 50 and 100.

Releases: master
Resolves: #73626
Change-Id: Id85951450e6b8192d8c36e43a468f8db82d7a9f8
Reviewed-on: https://review.typo3.org/50110
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Tested-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
typo3/sysext/core/Documentation/Changelog/master/Feature-73626-NumberOfResultsShouldBeConfigurableAndReportOverflow.rst [new file with mode: 0644]
typo3/sysext/indexed_search/Classes/Controller/SearchController.php
typo3/sysext/indexed_search/Configuration/TypoScript/setup.txt

diff --git a/typo3/sysext/core/Documentation/Changelog/master/Feature-73626-NumberOfResultsShouldBeConfigurableAndReportOverflow.rst b/typo3/sysext/core/Documentation/Changelog/master/Feature-73626-NumberOfResultsShouldBeConfigurableAndReportOverflow.rst
new file mode 100644 (file)
index 0000000..6384070
--- /dev/null
@@ -0,0 +1,32 @@
+.. include:: ../../Includes.txt
+
+============================================================================
+Feature: #73626 - numberOfResults should be configurable and report overflow
+============================================================================
+
+See :issue:`73626`
+
+Description
+===========
+
+Adds possibility to overwrite in TypoScript maximum number of Indexed Search results,
+which previously was limited to 100.
+
+TypoScript setting `plugin.tx_indexedsearch.settings.blind.numberOfResults` now became
+a list of values. If number of results sent in request does not match any value from
+the list, default (first) value will be used to keep DoS attack protection.
+
+Values from `plugin.tx_indexedsearch.settings.blind.numberOfResults` are used as the
+options in the select in advanced search mode. To keep backward compatibility default
+values are 10, 25, 50 and 100.
+
+
+Impact
+======
+
+TypoScript setting `plugin.tx_indexedsearch.settings.blind.numberOfResults` can be now
+list of available number of results. Because of that it is possible to overwrite list
+of values displayed in the advanced search mode. First value from the list will be used
+as default.
+
+.. index:: ext:indexed_search, TypoScript
\ No newline at end of file
index c62f545..47cd684 100644 (file)
@@ -65,6 +65,11 @@ class SearchController extends \TYPO3\CMS\Extbase\Mvc\Controller\ActionControlle
     protected $defaultResultNumber = 10;
 
     /**
+     * @var int[]
+     */
+    protected $availableResultsNumbers = [];
+
+    /**
      * Search repository
      *
      * @var \TYPO3\CMS\IndexedSearch\Domain\Repository\IndexSearchRepository
@@ -176,6 +181,14 @@ class SearchController extends \TYPO3\CMS\Extbase\Mvc\Controller\ActionControlle
             $this->redirect('noTypoScript');
         }
 
+        // Sets availableResultsNumbers - has to be called before request settings are read to avoid DoS attack
+        $this->availableResultsNumbers = array_filter(GeneralUtility::intExplode(',', $this->settings['blind']['numberOfResults']));
+
+        // Sets default result number if at least one availableResultsNumbers exists
+        if (isset($this->availableResultsNumbers[0])) {
+            $this->defaultResultNumber = $this->availableResultsNumbers[0];
+        }
+
         $this->loadSettings();
 
         // setting default values
@@ -194,7 +207,7 @@ class SearchController extends \TYPO3\CMS\Extbase\Mvc\Controller\ActionControlle
         if ($searchData['_freeIndexUid'] !== '' && $searchData['_freeIndexUid'] !== '_') {
             $searchData['freeIndexUid'] = $searchData['_freeIndexUid'];
         }
-        $searchData['numberOfResults'] = MathUtility::forceIntegerInRange($searchData['numberOfResults'], 1, 100, $this->defaultResultNumber);
+        $searchData['numberOfResults'] = $this->getNumberOfResults($searchData['numberOfResults']);
         // This gets the search-words into the $searchWordArray
         $this->setSword($searchData['sword']);
         // Add previous search words to current
@@ -1252,17 +1265,11 @@ class SearchController extends \TYPO3\CMS\Extbase\Mvc\Controller\ActionControlle
     protected function getAllAvailableNumberOfResultsOptions()
     {
         $allOptions = [];
-        $blindSettings = $this->settings['blind'];
-        if (!$blindSettings['numberOfResults']) {
-            $allOptions = [
-                10 => 10,
-                25 => 25,
-                50 => 50,
-                100 => 100
-            ];
+        if (count($this->availableResultsNumbers) > 1) {
+            $allOptions = array_combine($this->availableResultsNumbers, $this->availableResultsNumbers);
         }
         // disable single entries by TypoScript
-        $allOptions = $this->removeOptionsFromOptionList($allOptions, $blindSettings['numberOfResults']);
+        $allOptions = $this->removeOptionsFromOptionList($allOptions, $this->settings['blind']['numberOfResults']);
         return $allOptions;
     }
 
@@ -1529,6 +1536,20 @@ class SearchController extends \TYPO3\CMS\Extbase\Mvc\Controller\ActionControlle
     }
 
     /**
+     * Returns number of results to display
+     *
+     * @param int $numberOfResults Requested number of results
+     * @return int
+     */
+    protected function getNumberOfResults($numberOfResults)
+    {
+        $numberOfResults = intval($numberOfResults);
+
+        return (in_array($numberOfResults, $this->availableResultsNumbers)) ?
+            $numberOfResults : $this->defaultResultNumber;
+    }
+
+    /**
      * Set the search word
      * @param string $sword
      */
index 67e85bb..92bbbde 100644 (file)
@@ -62,7 +62,8 @@ plugin.tx_indexedsearch {
                        group = 0
                        languageUid = 0
                        desc = 0
-                       numberOfResults = 0
+                       # List of available number of results. First will be used as default.
+                       numberOfResults = 10,25,50,100
                        # defaultOperand.1 = 1
                        # extResume=1
                }