Permalink
Browse files

search.pl strip bad chars from query at top

  • Loading branch information...
1 parent ac9ea1f commit 082ca06c42a81dabd107f3a875e379010bed5795 @pudge pudge committed Jun 12, 2000
Showing with 16 additions and 28 deletions.
  1. +2 −2 CHANGES
  2. +7 −13 public_html/search.pl
  3. +7 −13 themes/slashcode/htdocs/search.pl
View
@@ -109,8 +109,8 @@ slash-1.0.5, 2000.06.xx
* Fixed up slashhead image and WIDTH of slashhead.gif and
slashslogan.gif (Nathan Vonnahme)
-* Fixed passing of "html_query=" parameter in search.pl for next
- matches instea of "query_" (Michael Sims)
+* Fixed search.pl in stripping of bad chars from query string
+ (Michael Sims)
* Plenty of minor code cleanups
View
@@ -41,11 +41,11 @@ sub main {
$I{F}{max} ||= "30";
$I{F}{'last'} ||= $I{F}{min} + $I{F}{max};
- # don't echo bad characters back to browser
- $I{F}{html_query} = stripByMode($I{F}{query}, 'exttrans');
+ # get rid of bad characters
+ $I{F}{query} =~ s/[^A-Z0-9'. ]//gi;
- header("$I{sitename}: Search $I{F}{html_query}", $I{F}{section});
- titlebar("99%", "Searching $I{F}{html_query}");
+ header("$I{sitename}: Search $I{F}{query}", $I{F}{section});
+ titlebar("99%", "Searching $I{F}{query}");
searchForm();
@@ -61,17 +61,12 @@ sub linkSearch {
my $C = shift;
my $r;
- foreach (qw[threshold html_query min author op sid topic section total]) {
+ foreach (qw[threshold query min author op sid topic section total]) {
my $x = "";
$x = $C->{$_} if defined $C->{$_};
$x = $I{F}{$_} if defined $I{F}{$_} && !$x;
$x =~ s/ /+/g;
- next if $x eq "";
- if ($_ eq 'html_query') {
- $r .= "query=$x&";
- } else {
- $r .= "$_=$x&";
- }
+ $r .= "$_=$x&" unless $x eq "";
}
$r =~ s/&$//;
@@ -83,7 +78,6 @@ sub keysearch {
my $keywords = shift;
my @columns = @_;
- $keywords =~ s/[^A-Z0-9'\. ]//gi;
my @words = split m/ /, $keywords;
my $sql;
my $x = 0;
@@ -121,7 +115,7 @@ sub searchForm {
print <<EOT;
<FORM ACTION="$ENV{SCRIPT_NAME}" METHOD="POST">
- <INPUT TYPE="TEXT" NAME="query" VALUE="$I{F}{html_query}">
+ <INPUT TYPE="TEXT" NAME="query" VALUE="$I{F}{query}">
<INPUT TYPE="SUBMIT" VALUE="Search">
EOT
@@ -41,11 +41,11 @@ sub main {
$I{F}{max} ||= "30";
$I{F}{'last'} ||= $I{F}{min} + $I{F}{max};
- # don't echo bad characters back to browser
- $I{F}{html_query} = stripByMode($I{F}{query}, 'exttrans');
+ # get rid of bad characters
+ $I{F}{query} =~ s/[^A-Z0-9'. ]//gi;
- header("$I{sitename}: Search $I{F}{html_query}", $I{F}{section});
- titlebar("99%", "Searching $I{F}{html_query}");
+ header("$I{sitename}: Search $I{F}{query}", $I{F}{section});
+ titlebar("99%", "Searching $I{F}{query}");
searchForm();
@@ -61,17 +61,12 @@ sub linkSearch {
my $C = shift;
my $r;
- foreach (qw[threshold html_query min author op sid topic section total]) {
+ foreach (qw[threshold query min author op sid topic section total]) {
my $x = "";
$x = $C->{$_} if defined $C->{$_};
$x = $I{F}{$_} if defined $I{F}{$_} && !$x;
$x =~ s/ /+/g;
- next if $x eq "";
- if ($_ eq 'html_query') {
- $r .= "query=$x&";
- } else {
- $r .= "$_=$x&";
- }
+ $r .= "$_=$x&" unless $x eq "";
}
$r =~ s/&$//;
@@ -83,7 +78,6 @@ sub keysearch {
my $keywords = shift;
my @columns = @_;
- $keywords =~ s/[^A-Z0-9'\. ]//gi;
my @words = split m/ /, $keywords;
my $sql;
my $x = 0;
@@ -121,7 +115,7 @@ sub searchForm {
print <<EOT;
<FORM ACTION="$ENV{SCRIPT_NAME}" METHOD="POST">
- <INPUT TYPE="TEXT" NAME="query" VALUE="$I{F}{html_query}">
+ <INPUT TYPE="TEXT" NAME="query" VALUE="$I{F}{query}">
<INPUT TYPE="SUBMIT" VALUE="Search">
EOT

0 comments on commit 082ca06

Please sign in to comment.