function searchBox() { global $words, $forum_id, $group_id, $group_project_id, $atid, $exact, $type_of_search; if (get_magic_quotes_gpc()) { $defaultWords = stripslashes($words); } else { $defaultWords = $words; } // if there is no search currently, set the default if (!isset($type_of_search)) { $exact = 1; } print ' <form action="/search/" method="get">'; $parameters = array(SEARCH__PARAMETER_GROUP_ID => $group_id, SEARCH__PARAMETER_ARTIFACT_ID => $atid, SEARCH__PARAMETER_FORUM_ID => $forum_id, SEARCH__PARAMETER_GROUP_PROJECT_ID => $group_project_id); $searchManager =& getSearchManager(); $searchManager->setParametersValues($parameters); $searchEngines =& $searchManager->getAvailableSearchEngines(); echo '<select name="type_of_search">'; for ($i = 0, $max = count($searchEngines); $i < $max; $i++) { $searchEngine =& $searchEngines[$i]; echo '<option value="' . $searchEngine->getType() . '"' . ($type_of_search == $searchEngine->getType() ? ' selected="selected"' : '') . '>' . $searchEngine->getLabel($parameters) . '</option>' . "\n"; } echo '</select>'; $parameters = $searchManager->getParameters(); foreach ($parameters as $name => $value) { print '<input type="hidden" value="' . $value . '" name="' . $name . '" />'; } print '<input type="text" size="12" name="words" value="' . $defaultWords . '" />'; print '<input type="submit" name="Search" value="' . _('Search') . '" />'; if (isset($group_id) && $group_id) { echo util_make_link('/search/advanced_search.php?group_id=' . $group_id, _('Advanced search'), array('class' => 'lnkutility')); } print '</form>'; }
function searchBox() { global $words, $forum_id, $group_id, $group_project_id, $atid, $exact, $type_of_search; if (get_magic_quotes_gpc()) { $defaultWords = stripslashes($words); } else { $defaultWords = $words; } //Fix CVE-2007-0176 $defaultWords = htmlspecialchars($defaultWords); // if there is no search currently, set the default if (!isset($type_of_search)) { $exact = 1; } print ' <form action="/search/" method="get"> <table border="0" cellpadding="0" cellspacing="0"> <tr><td> <div align="center" class="searchbox">'; $parameters = array(SEARCH__PARAMETER_GROUP_ID => $group_id, SEARCH__PARAMETER_ARTIFACT_ID => $atid, SEARCH__PARAMETER_FORUM_ID => $forum_id, SEARCH__PARAMETER_GROUP_PROJECT_ID => $group_project_id); $searchManager =& getSearchManager(); $searchManager->setParametersValues($parameters); $searchEngines =& $searchManager->getAvailableSearchEngines(); echo '<select name="type_of_search">'; for ($i = 0, $max = count($searchEngines); $i < $max; $i++) { $searchEngine =& $searchEngines[$i]; echo '<option value="' . $searchEngine->getType() . '"' . ($type_of_search == $searchEngine->getType() ? ' selected="selected"' : '') . '>' . $searchEngine->getLabel($parameters) . '</option>' . "\n"; } echo '</select></div>'; // print '<br />'; // print ' // <input type="CHECKBOX" name="exact" value="1"'.( $exact ? ' CHECKED' : ' UNCHECKED' ).'> Require All Words'; print '</td><td> '; $parameters = $searchManager->getParameters(); foreach ($parameters as $name => $value) { print '<input type="hidden" value="' . $value . '" name="' . $name . '" />'; } print '</td><td>'; print '<input type="text" size="12" name="words" value="' . $defaultWords . '" />'; print '</td><td> </td><td>'; print '<input type="submit" name="Search" value="' . _('Search') . '" />'; print '</td>'; if (isset($group_id) && $group_id) { print ' <td width="10"> </td> <td>' . util_make_link('/search/advanced_search.php?group_id=' . $group_id, _('Advanced search'), array('class' => 'lnkutility')) . '</td>'; } print '</tr></table>'; print '</form>'; }
// Support for short aliases if (!$words) { $words = getStringFromRequest('q'); } if (!$type_of_search) { $type_of_search = getStringFromRequest('type'); } if (!$type_of_search) { $type_of_search = getStringFromRequest('t'); } if (!$type_of_search) { $type_of_search = SEARCH__TYPE_IS_SOFTWARE; } $words = htmlspecialchars($words); $offset = getIntFromGet('offset'); $searchManager =& getSearchManager(); $parameters = array(SEARCH__PARAMETER_GROUP_ID => $group_id, SEARCH__PARAMETER_ARTIFACT_ID => $atid, SEARCH__PARAMETER_FORUM_ID => $forum_id, SEARCH__PARAMETER_GROUP_PROJECT_ID => $group_project_id); $searchManager->setParametersValues($parameters); if (getStringFromRequest('rss')) { $outputFormat = SEARCH__OUTPUT_RSS; } else { $outputFormat = SEARCH__OUTPUT_HTML; } $renderer = $searchManager->getSearchRenderer($type_of_search, $words, $offset, $exact, $outputFormat); if ($renderer) { $renderer->flush(); } else { $HTML->header(array('title' => _('Search'))); echo '<h1>' . _('Error - Invalid search') . '</h1>'; $HTML->footer(array()); exit;