Fixes broken rendering trying to parse against <script> input values.
FrederickChan committed Mar 10, 2021
1 parent 08d6c2e commit fda266c
Showing 2 changed files with 46 additions and 47 deletions.
88 changes: 44 additions & 44 deletions includes/classes/PHPFusion/Search/Search_Engine.php
Expand Up @@ -21,7 +21,7 @@

class Search_Engine extends Search_Model {

protected static $search_instance = NULL;
public static $locale = [];

/*
* Template
Expand All @@ -31,41 +31,18 @@ class Search_Engine extends Search_Model {
*
* In order to access the variables, extend your class to Search_Engine!
*/
protected static $search_instance = NULL;
protected static $render_search = '';
protected static $search_no_result = '';
protected static $search_count = '';
protected static $search_item_wrapper = '';

protected static $search_item = '';
protected static $search_item_list = '';
protected static $search_item_image = '';
public static $locale = [];

/**
* Returns params
*
* @param null $key
*
* @return array|string
*/
public static function get_param($key = NULL) {
$info = [
'stype' => self::$search_type,
'stext' => self::$search_text,
'method' => self::$search_method,
'datelimit' => self::$search_date_limit,
'fields' => self::$search_fields,
'sort' => self::$search_sort,
'chars' => self::$search_chars,
'order' => self::$search_order,
'forum_id' => self::$forum_id,
'memory_limit' => self::$memory_limit,
'composevars' => self::$composevars,
'rowstart' => self::$rowstart,
'search_param' => self::$search_param,
];

return $key === NULL ? $info : (isset($info[$key]) ? $info[$key] : NULL);
protected function __construct() {
parent::__construct();
self::$locale = fusion_get_locale('', LOCALE.LOCALESET.'search.php');
}

/**
Expand All @@ -82,11 +59,6 @@ public static function getInstance() {
return self::$search_instance;
}

protected function __construct() {
parent::__construct();
self::$locale = fusion_get_locale('', LOCALE.LOCALESET.'search.php');
}

/**
* Controller for search form
*/
Expand Down Expand Up @@ -315,6 +287,33 @@ protected static function display_search_form() {
add_to_footer("<script type='text/javascript'>".jsminify($search_js)."</script>");
}

/**
* Returns params
*
* @param null $key
*
* @return array|string
*/
public static function get_param($key = NULL) {
$info = [
'stype' => htmlentities(self::$search_type),
'stext' => htmlentities(self::$search_text),
'method' => htmlentities(self::$search_method),
'datelimit' => self::$search_date_limit,
'fields' => self::$search_fields,
'sort' => self::$search_sort,
'chars' => htmlentities(self::$search_chars),
'order' => self::$search_order,
'forum_id' => self::$forum_id,
'memory_limit' => self::$memory_limit,
'composevars' => self::$composevars,
'rowstart' => self::$rowstart,
'search_param' => htmlentities(self::$search_param),
];

return $key === NULL ? $info : (isset($info[$key]) ? $info[$key] : NULL);
}

/**
* Controller for display the search results
*/
Expand All @@ -333,7 +332,7 @@ protected static function display_results() {
self::$fields_count = self::get_param('fields') + 1;
for ($i = 0, $k = 0; $i < count($search_text); $i++) {
if (strlen($search_text[$i]) >= 3) {
$qualified_search_text[] = $search_text[$i];
$qualified_search_text[] = htmlentities($search_text[$i]);
for ($j = 0; $j < self::$fields_count; $j++) {
// It is splitting to 2 parts.
self::$search_param[':sword'.$k.$j] = '%'.$search_text[$i].'%';
Expand All @@ -360,6 +359,7 @@ protected static function display_results() {
$highlighted_text .= ($i < self::$c_swords ? "," : "");
$i++;
}

add_to_footer("<script type='text/javascript' src='".INCLUDES."jquery/jquery.highlight.js'></script>");
add_to_jquery("$('.search_result').highlight([".$highlighted_text."],{wordsOnly:true}); $('.highlight').css({backgroundColor:'#FFFF88'});");

Expand Down Expand Up @@ -460,6 +460,16 @@ protected static function display_results() {
}
}

/**
* Load the search driver file
* - Prevents string mutation
*
* @param $path
*/
protected static function __Load($path) {
include_once($path);
}

/**
* Controller for omitting search
*/
Expand All @@ -477,14 +487,4 @@ protected static function display_noResults() {
*/
private function __clone() {
}

/**
* Load the search driver file
* - Prevents string mutation
*
* @param $path
*/
protected static function __Load($path) {
include_once($path);
}
}
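Review bot: In the relocated `get_param()`, `'search_param' => htmlentities(self::$search_param)` encodes a value that `display_results()` in this same section fills by key (`self::$search_param[':sword'.$k.$j] = ...`), so it appears to be an array. `htmlentities()` on an array raises a TypeError on PHP 8 and returns null with a warning on PHP 7, and because `$info` is rebuilt on every call this would hit every `get_param()` lookup, including `get_param('fields')`. Leaving the bind parameters unencoded (`'search_param' => self::$search_param,`) avoids that. The remaining `htmlentities()` calls rely on default flags, which before PHP 8.1 leave single quotes unencoded; `htmlentities($v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` is the safer form for attribute output. If `$qualified_search_text` is what ends up inside the `highlight([...])` script call (its construction is outside the visible lines), entity encoding is the wrong escaping for a JavaScript string and `json_encode($word, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)` fits that context.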
5 changes: 2 additions & 3 deletions includes/dynamics/includes/form_main.php
Expand Up @@ -88,15 +88,14 @@ function clean_input_name($value) {

function clean_input_value($value) {
if (is_string($value)) {
return descript($value);
return stripinput($value);
}
if (is_array($value)) {
return array_map('descript', $value);
return array_map('stripinput', $value);
}
return '';
}


function load_select2_script() {
static $loaded = FALSE;
if ($loaded === FALSE) {
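Review bot: `clean_input_value()` now returns `stripinput()` output but has no docblock saying whether the result is already HTML-encoded. This matters if callers pass pre-encoded values, for example ones read from `Search_Engine::get_param()`, which this commit wraps in `htmlentities()`: they would be encoded twice and display literal entity text. That assumes `stripinput()` entity-encodes, which cannot be confirmed here because its body is not shown. A docblock such as `/** Encodes a form field value for HTML output; pass raw input. Non-string, non-array values yield ''. */` would make the contract explicit, including the `return '';` fallback that turns an integer `0` into an empty field. The section ends inside `load_select2_script()`, which is cut off and not reviewed here.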