<?php
// PukiWiki - Yet another WikiWikiWeb clone.
-// $Id: search.inc.php,v 1.12 2005/11/29 15:12:10 henoheno Exp $
+// $Id: search.inc.php,v 1.14 2011/01/25 15:01:01 henoheno Exp $
//
// Search plugin
global $post, $vars, $_title_result, $_title_search, $_msg_searching;
if (PLUGIN_SEARCH_DISABLE_GET_ACCESS) {
- $s_word = isset($post['word']) ? htmlspecialchars($post['word']) : '';
+ $s_word = isset($post['word']) ? htmlsc($post['word']) : '';
} else {
- $s_word = isset($vars['word']) ? htmlspecialchars($vars['word']) : '';
+ $s_word = isset($vars['word']) ? htmlsc($vars['word']) : '';
}
if (strlen($s_word) > PLUGIN_SEARCH_MAX_LENGTH) {
unset($vars['word']); // Stop using $_msg_word at lib/html.php
foreach($bases as $base) {
++$_num;
if (PLUGIN_SEARCH_MAX_BASE < $_num) break;
- $label_id = '_base_label_id_' . $_num;
- $s_base = htmlspecialchars($base);
+ $label_id = '_p_search_base_id_' . $_num;
+ $s_base = htmlsc($base);
$base_str = '<strong>' . $s_base . '</strong>';
$base_label = str_replace('$1', $base_str, $_search_pages);
$base_msg .=<<<EOD
$check = '';
}
$base_msg .=<<<EOD
- <input type="radio" name="base" id="_base_label_id_all" value="" />
- <label for="_base_label_id_all">$_search_all</label>
+ <input type="radio" name="base" id="_p_search_base_id_all" value="" />
+ <label for="_p_search_base_id_all">$_search_all</label>
EOD;
$base_option = '<div class="small">' . $base_msg . '</div>';
}