diff options
author | Sem <sembrestels@riseup.net> | 2014-01-22 03:37:52 +0100 |
---|---|---|
committer | Sem <sembrestels@riseup.net> | 2014-01-22 03:37:52 +0100 |
commit | 4a2ed114bb18c5363f594a380676c5654f4165a4 (patch) | |
tree | 3a37094b249c40e3e6bf122691db53115f65f8f0 /mod/search/pages/search/index.php | |
parent | 673932bc46a3918293a28c2c2fc622b3e5ff6bde (diff) | |
parent | 0dd36c458d41e77521c36ae572fe73114ad4bc5a (diff) | |
download | elgg-4a2ed114bb18c5363f594a380676c5654f4165a4.tar.gz elgg-4a2ed114bb18c5363f594a380676c5654f4165a4.tar.bz2 |
Merge tag '1.8.18' of git://github.com/Elgg/Elgg into develop
1.8.18
Conflicts:
mod/tinymce/vendor/tinymce/jscripts/tiny_mce/langs/en.js
mod/tinymce/vendor/tinymce/jscripts/tiny_mce/themes/advanced/langs/en_dlg.js
Diffstat (limited to 'mod/search/pages/search/index.php')
-rw-r--r-- | mod/search/pages/search/index.php | 12 |
1 files changed, 2 insertions, 10 deletions
diff --git a/mod/search/pages/search/index.php b/mod/search/pages/search/index.php index fcd95c43e..9542e0751 100644 --- a/mod/search/pages/search/index.php +++ b/mod/search/pages/search/index.php @@ -17,15 +17,7 @@ $search_type = get_input('search_type', 'all'); // XSS protection is more important that searching for HTML. $query = stripslashes(get_input('q', get_input('tag', ''))); -// @todo - create function for sanitization of strings for display in 1.8 -// encode <,>,&, quotes and characters above 127 -if (function_exists('mb_convert_encoding')) { - $display_query = mb_convert_encoding($query, 'HTML-ENTITIES', 'UTF-8'); -} else { - // if no mbstring extension, we just strip characters - $display_query = preg_replace("/[^\x01-\x7F]/", "", $query); -} -$display_query = htmlspecialchars($display_query, ENT_QUOTES, 'UTF-8', false); +$display_query = _elgg_get_display_query($query); // check that we have an actual query if (!$query) { @@ -63,7 +55,7 @@ switch ($sort) { break; } -$order = get_input('sort', 'desc'); +$order = get_input('order', 'desc'); if ($order != 'asc' && $order != 'desc') { $order = 'desc'; } |