Search (PR #95)

Basic search added

GitHub

The placeholder should be localised with I18n

Interpolating things into SQL strings like this is potentially risky (because someone could inject malicious SQL). I think we should be able to do members.filter_by_username() in the same way that the groups members list does it

Looks good, just one comment, and there is a linting failure in travis

To avoid repeating the same argument twice, we can use keyword arguments like

      members = members.where("users.name ILIKE :pattern OR users.username_lower ILIKE :pattern", pattern: "%#{params[:filter]}%") if params[:filter]

members = members.where("users.name like :filter OR users.username like :filter", filter: "%#{params[:filter]}%") if params[:filter] i used this as you specified above that SQL injection can be done in this😅

🤦 I am so sorry, I read it wrong before. Your approach was 100% fine.

For some reason I thought you had done something like

.where("users.name LIKE #{filter}")

:joy::joy: cool ill add a commit right now