From 3281cd0c1b05af691429b399381c01f221ffceea Mon Sep 17 00:00:00 2001
From: celestora
Date: Mon, 4 Apr 2022 15:10:30 +0300
Subject: [PATCH] Restrict search to authorized users and add ratelimit

Searching is heavy, additional measures to prevent abuse must be taken.
---
 Web/Presenters/SearchPresenter.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Web/Presenters/SearchPresenter.php b/Web/Presenters/SearchPresenter.php
index 6af05712..0fc4611f 100644
--- a/Web/Presenters/SearchPresenter.php
+++ b/Web/Presenters/SearchPresenter.php
@@ -25,6 +25,10 @@ final class SearchPresenter extends OpenVKPresenter
 $type = $this->queryParam("type") ?? "users";
 $page = (int) ($this->queryParam("p") ?? 1);
+ $this->willExecuteWriteAction();
+ if($query != "")
+ $this->assertUserLoggedIn();
+ // https://youtu.be/pSAWM5YuXx8
 $repos = [ "groups" => "clubs", "users" => "users" ];
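Review bot: The login check added at `if($query != "")` gates only non-empty queries, so an anonymous request with an empty or missing `query` still reaches the `$repos` lookup below; if that path runs a listing query (not visible in this hunk), the heavy work the commit message describes is throttled for guests but not restricted. The comparison is loose and the `if` is braceless; `if($query !== "") { $this->assertUserLoggedIn(); }` would be harder to misread, provided `$query` is always a string, which depends on its assignment above the hunk. `willExecuteWriteAction()` is presumably the rate limit named in the subject, and because search is a read, a comment such as `// search is read-only but expensive: reuse the write-action throttle` would keep a later cleanup from removing the call as a mistake. The enclosing method starts and ends outside the hunk.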