From 77d7df6a0190e352903ad33d0741f066747fc3b5 Mon Sep 17 00:00:00 2001
From: Dendy <dendy@riseup.net>
Date: Fri, 25 Dec 2020 00:59:54 +0100
Subject: [PATCH] Fix things that broke on previous commission

When escaping characters it no longer breaks excluded
tags and searching for nothing giving everything
---
 config.php | 10 +++++-----
 index.php  |  4 ++--
 tag.php    |  5 +++--
 3 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/config.php b/config.php
index 9baa9e9..337ac01 100644
--- a/config.php
+++ b/config.php
@@ -4,6 +4,10 @@ $tmsu = "tmsu -D /strg/drw/.tmsu/db ";
 
 $BASE_ROUTE = "";
 
+function escape_cmd($command){
+	return "'" . addcslashes(addcslashes($command, '(..)'),'-') . "'";
+}
+
 /* Exclude */
 
 $exclude = "";
@@ -20,7 +24,7 @@ if(!isset($_SESSION["login"])){
 		$alone_exclude_query = $alone_exclude_query . " and not " . $ex_tag;
 	}
 	$exclude_query = $exclude_query . $alone_exclude_query;
-	$alone_exclude_query = "'" . $alone_exclude_query . "'";
+	$alone_exclude_query = escape_cmd($alone_exclude_query);
 }
 
 $_IS_LOGGED = $_SESSION["login"] === "true";
@@ -30,8 +34,4 @@ if(!is_array($_SESSION["msg"])){
 	$_SESSION["msg"] = array();
 }
 
-function escape_cmd($command){
-	return "'" . addcslashes(addcslashes($command, '(..)'),'-') . "'";
-}
-
 ?>
diff --git a/index.php b/index.php
index 742466f..9fee04a 100644
--- a/index.php
+++ b/index.php
@@ -27,10 +27,10 @@
 	// Echo total tag count
 	echo "<p>There is a total of " . $tag_num . " tags</p>";
 
-	//Tag list
+	//tag list
 	foreach($output as $tag){
 		$count = "";
-		exec($tmsu . "files -c " . escape_cmd($tag), $count);
+		exec($tmsu . "files -c " . escape_cmd($tag) . $exclude_query, $count);
 
 		if($count[0] !== "0"){
 			echo("<a href='http://" . $_SERVER['HTTP_HOST'] . "/tag.php?t=" . $tag . "'>(" . $count[0]  .") " . $tag ."</a>, ");
diff --git a/tag.php b/tag.php
index e10ad96..8740dd1 100644
--- a/tag.php
+++ b/tag.php
@@ -71,8 +71,9 @@
 	/* Queries */
 
 	// Handle * and void to show everything
-	if(!$_GET["t"] || $_GET["t"] == "*")
-		exec($tmsu . "files " . escape_cmd($alone_exclude_query), $output);
+	if(!$_GET["t"] || $_GET["t"] == "*"){
+		exec($tmsu . "files " . $alone_exclude_query, $output);
+	}
 	// regular query
 	else exec($tmsu . "files " . escape_cmd($_GET["t"] . $exclude_query), $output);