requestStack->getCurrentRequest(); $registrant = trim((string) $request->get('registrant')); $forbidden = [ 'redacted', 'privacy', 'registration private', 'domain administrator', 'registry super user account', 'ano nymous', 'by proxy', ]; foreach ($forbidden as $word) { if (str_contains(strtolower($registrant), $word)) { throw new BadRequestHttpException('Forbidden search term'); } } return $this->domainRepository->createQueryBuilder('d') ->select('DISTINCT d') ->join('d.domainEntities', 'de', Join::WITH, 'de.deletedAt IS NULL AND JSONB_CONTAINS(de.roles, :role) = true') ->join( 'de.entity', 'e', Join::WITH, 'e.tld IS NOT NULL AND e.handle NOT IN (:blacklist) AND (UPPER(e.jCardOrg) = UPPER(:registrant) OR UPPER(e.jCardFn) = UPPER(:registrant))' ) ->setParameter('registrant', $registrant) ->setParameter('blacklist', RDAPService::ENTITY_HANDLE_BLACKLIST) ->setParameter('role', '"registrant"') ->getQuery()->getResult(); } }