
Posted: Wed Jul 18, 2007 2:16 pm
by vlad
How can I limit the search results found? If someone tries a blank search he can access all my records. I would like to give him an error to tell him to refine his search, or to display only 10 or so records.

Excuse my English. Thank you

Posted: Fri Jul 20, 2007 12:37 am
by shannah
Dataface uses the -limit GET parameter to set the number of records. So if you add this parameter at the beginning of your index.php file, it will enforce a limit:

e.g.
index.php:
if ( !isset($_GET['-limit']) ){
    $_GET['-limit'] = 10;
    $_REQUEST['-limit'] = 10;
}

Posted: Fri Jul 20, 2007 2:53 am
by vlad
This only changes the number of records shown per page. From 30 to 10. The user still has the ability to browse through all my 8000 records if he enters a blank search.

Posted: Fri Jul 20, 2007 3:14 am
by vlad
For now, it is done in some rudimentary way. If the user tries to search for a string that will display too many results it will give him an error. I've tried to limit the search results displayed by forcing the user to search for more than three characters.

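if ( isset($_GET['-search']) ){
    if ( strlen($_GET['-search']) < 3 ){
        // Redirect to the error page, then stop: header() alone does not end
        // the script, so without exit the search would still be processed.
        header('Location: http://www.blah.com/error');
        exit;
    }
}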

Someone can still browse through my database by entering a blank search in the advanced search form (-action=find).

Posted: Fri Jul 20, 2007 5:45 am
by vlad
I think this is a pretty clean approach. In ResultList.php:

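// 1 to 100 results; 100 itself is included so that it does not fall
// through to the final else branch.
if ( $this->_resultSet->found() > 0 && $this->_resultSet->found() <= 100 ) {
    // ...
}
elseif ( $this->_resultSet->found() > 100 ) {
    // ....
} else {
    // ....
}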

Posted: Fri Jul 20, 2007 8:46 am
by shannah
Yes.. you're on the right track.

In your index.php file:
$resultSet =& $app->getResultSet();
$resultSet->loadSet();
if ( $resultSet->found() > 100 ){ ....}
else { ...}
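
The checks discussed in this thread combined into one guard, as an added example that is not part of the original posts and not Dataface's own code. `guard_search()` and the constants are hypothetical names, the sample requests are constructed, and the match count passed in stands in for `$resultSet->found()`.

```php
<?php
// Added example, not Dataface code. Thresholds follow the thread:
// 10 records per page, 3-character minimum, 100 results at most.
const PAGE_SIZE    = 10;
const MIN_TERM_LEN = 3;
const MAX_FOUND    = 100;

/**
 * Hypothetical helper.
 * $get   request parameters, e.g. $_GET
 * $found total matches for the query, e.g. $resultSet->found() after loadSet()
 * Returns [allowed, reason, page size to enforce].
 */
function guard_search(array $get, int $found): array
{
    // Clamp -limit even when the client sends one: a default applied only
    // when the parameter is missing lets ?-limit=8000 through.
    $limit = max(1, min((int)($get['-limit'] ?? PAGE_SIZE), PAGE_SIZE));

    // A keyword search, when present, must be a string of at least 3 characters.
    $term = $get['-search'] ?? null;
    if ($term !== null && (!is_string($term) || strlen(trim($term)) < MIN_TERM_LEN)) {
        return [false, 'search term too short', $limit];
    }

    // The total-count cap covers every entry point (keyword search, find form,
    // no criteria at all); a page size alone still allows paging through everything.
    if ($found > MAX_FOUND) {
        return [false, 'too many results, refine the search', $limit];
    }
    return [true, 'ok', $limit];
}

// Constructed sample requests: [parameters, total matches for that query].
$samples = [
    [['-search' => ''], 8000],                          // blank keyword search
    [['-action' => 'find'], 8000],                      // blank find form
    [['-search' => 'smith', '-limit' => '8000'], 42],   // oversized page request
    [['-search' => 'smithsonian'], 0],                  // no matches
];
foreach ($samples as [$get, $found]) {
    [$ok, $reason, $limit] = guard_search($get, $found);
    printf("%-32s found=%-5d %s (%s, -limit=%d)\n",
        http_build_query($get), $found, $ok ? 'ALLOW' : 'DENY', $reason, $limit);
}
```

In index.php a denied request would be answered with the error page and the script stopped before any records are rendered.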