validate if length is on the allowed values

pxpm · pxpm · commit 05ee35c27bc5 · 2024-04-16T16:09:44.000+01:00
diff --git a/src/app/Http/Controllers/Operations/ListOperation.php b/src/app/Http/Controllers/Operations/ListOperation.php
@@ -79,10 +79,12 @@ public function search()
         $length = (int) request()->input('length');
         $search = request()->input('search');
 
-        // we get the max length from the page length menu possibilities
-        $maxLength = $this->crud->maxPageLength();
-
-        $length = $maxLength === -1 ? $length : ($length > $maxLength ? $maxLength : $length);
+        // check if length is allowed by developer
+        if ($length && ! in_array($length, $this->crud->getPageLengthMenu()[0])) {
+            return response()->json([
+                'error' => 'Unknown page length.',
+            ], 400);
+        }
 
         // if a search term was present
         if ($search && $search['value'] ?? false) {
diff --git a/src/app/Library/CrudPanel/Traits/Read.php b/src/app/Library/CrudPanel/Traits/Read.php
@@ -218,21 +218,6 @@ public function getDefaultPageLength()
         return $this->getOperationSetting('defaultPageLength') ?? config('backpack.crud.operations.list.defaultPageLength') ?? 25;
     }
 
-    /**
-     * Get the higher limit from the page length menu.
-     * -1 means "All" so if present it means no limit.
-     */
-    public function maxPageLength(): int
-    {
-        $pageLengthMenu = $this->getPageLengthMenu();
-
-        if (in_array(-1, $pageLengthMenu[0])) {
-            return -1;
-        }
-
-        return (int) max($pageLengthMenu[0]);
-    }
-
     /**
      * If a custom page length was specified as default, make sure it
      * also show up in the page length menu.
