summaryrefslogtreecommitdiff
path: root/lib/VNDB/Handler/Tags.pm
diff options
context:
space:
mode:
authorYorhel <git@yorhel.nl>2010-12-22 19:23:50 +0100
committerYorhel <git@yorhel.nl>2010-12-22 19:24:00 +0100
commit81c1681ffc46044d902145e442464c069ef1df3e (patch)
treeb17fa5b282b47676a0d4db435d9e609a0059e7c1 /lib/VNDB/Handler/Tags.pm
parentfa403120fc7c5b417cc21e93ce2f5acb43b5ede4 (diff)
Don't allow page > 100 or sorting on username or title on tag link browser
Performance. Those featues are hardly used, but they can block other visitors when used in bad combinations.
Diffstat (limited to 'lib/VNDB/Handler/Tags.pm')
-rw-r--r--lib/VNDB/Handler/Tags.pm8
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/VNDB/Handler/Tags.pm b/lib/VNDB/Handler/Tags.pm
index 6e373d04..3d656728 100644
--- a/lib/VNDB/Handler/Tags.pm
+++ b/lib/VNDB/Handler/Tags.pm
@@ -358,12 +358,12 @@ sub taglinks {
my $f = $self->formValidate(
{ name => 'p', required => 0, default => 1, template => 'int' },
{ name => 'o', required => 0, default => 'd', enum => ['a', 'd'] },
- { name => 's', required => 0, default => 'date', enum => [qw|date username title tag|] },
+ { name => 's', required => 0, default => 'date', enum => [qw|date tag|] },
{ name => 'v', required => 0, default => 0, template => 'int' },
{ name => 'u', required => 0, default => 0, template => 'int' },
{ name => 't', required => 0, default => 0, template => 'int' },
);
- return 404 if $f->{_err};
+ return 404 if $f->{_err} || $f->{p} > 100;
my($list, $np) = $self->dbTagLinks(
what => 'details',
@@ -433,11 +433,11 @@ sub taglinks {
sorturl => $url->(s=>0,o=>0),
header => [
[ mt('_taglink_col_date'), 'date' ],
- [ mt('_taglink_col_user'), 'username' ],
+ [ mt('_taglink_col_user') ],
[ mt('_taglink_col_rating') ],
[ mt('_taglink_col_tag'), 'tag' ],
[ mt('_taglink_col_spoiler') ],
- [ mt('_taglink_col_vn'), 'title' ],
+ [ mt('_taglink_col_vn'), ],
],
row => sub {
my($s, $n, $l) = @_;