From fdf65962b9610ab0a7b8e91dc1a2d4973f44c169 Mon Sep 17 00:00:00 2001
From: Nathan Perry <avaglir@gmail.com>
Date: Sat, 7 Apr 2018 06:09:52 -0400
Subject: database-based memeing working

---
 src/db/mod.rs    | 8 ++++++--
 src/db/models.rs | 5 ++++-
 src/db/schema.rs | 1 +
 3 files changed, 11 insertions(+), 3 deletions(-)

(limited to 'src/db')

diff --git a/src/db/mod.rs b/src/db/mod.rs
index 0862883..ac0e321 100644
--- a/src/db/mod.rs
+++ b/src/db/mod.rs
@@ -22,12 +22,14 @@ pub fn connection() -> Result<PgConnection> {
 
 pub fn find_meme<T: AsRef<str>>(conn: &PgConnection, search: T) -> Result<Meme> {
     use diesel::dsl::sql;
+    use diesel::types::Text;
 
     let search = search.as_ref();
     let format_search = format!("%{}%", search);
 
+    // TODO: check for injection
     memes::table
-        .filter(memes::title.ilike(&format_search).or(sql(&format!("content ILIKE %{}%", search))))
+        .filter(memes::title.ilike(&format_search).or(sql("content ILIKE ").bind::<Text, _>(&format_search)))
         .limit(1)
         .first::<Meme>(conn)
         .map_err(Error::from)
@@ -35,12 +37,14 @@ pub fn find_meme<T: AsRef<str>>(conn: &PgConnection, search: T) -> Result<Meme>
 
 pub fn find_text<T: AsRef<str>>(conn: &PgConnection, search: T) -> Result<Meme> {
     use diesel::dsl::sql;
+    use diesel::types::Text;
 
     let search = search.as_ref();
     let format_search = format!("%{}%", search);
 
+    // TODO: check for injection
     memes::table
-        .filter((memes::title.ilike(&format_search).or(sql(&format!("content ILIKE %{}%", search))))
+        .filter((memes::title.ilike(&format_search).or(sql("content ILIKE ").bind::<Text, _>(&format_search)))
             .and(memes::content.is_not_null()))
         .limit(1)
         .first::<Meme>(conn)
diff --git a/src/db/models.rs b/src/db/models.rs
index 88ee82c..6ac8b18 100644
--- a/src/db/models.rs
+++ b/src/db/models.rs
@@ -105,10 +105,11 @@ pub struct Image {
     pub data: Vec<u8>,
     pub metadata_id: i32,
     pub data_hash: Vec<u8>,
+    pub filename: String,
 }
 
 impl Image {
-    pub fn create(conn: &PgConnection, data: Vec<u8>, by_user: u64) -> Result<i32> {
+    pub fn create(conn: &PgConnection, filename: &str, data: Vec<u8>, by_user: u64) -> Result<i32> {
         let mut data_hash = ::sha1::Sha1::new();
         data_hash.update(&data);
         let data_hash = data_hash.digest().bytes().to_vec();
@@ -127,6 +128,7 @@ impl Image {
         let new_image = NewImage {
             data,
             data_hash,
+            filename: filename.to_owned(),
             metadata_id: metadata.id,
         };
 
@@ -144,6 +146,7 @@ pub struct NewImage {
     pub data: Vec<u8>,
     pub metadata_id: i32,
     pub data_hash: Vec<u8>,
+    pub filename: String,
 }
 
 
diff --git a/src/db/schema.rs b/src/db/schema.rs
index d4ba0fa..1822204 100644
--- a/src/db/schema.rs
+++ b/src/db/schema.rs
@@ -22,6 +22,7 @@ table! {
         data -> Bytea,
         metadata_id -> Int4,
         data_hash -> Bytea,
+        filename -> Varchar,
     }
 }
 
-- 
cgit v1.3.1