Revision 491
Added by Matthias over 17 years ago
branches/2.6.x/wb/search/search.php | ||
---|---|---|
53 | 53 |
} else { |
54 | 54 |
$string=$_REQUEST['string']; |
55 | 55 |
} |
56 |
$string = $wb->add_slashes($string); |
|
56 | 57 |
// remove some bad chars like _single_ '"', '&'. '!", ... |
57 | 58 |
$string = preg_replace("/(^|\s+)([-=+_&!;#]|\\\\\"|\\\\')+(?=\s+|$)/", "", $string); |
58 |
$string = my_htmlspecialchars($string);
|
|
59 |
$string = strtr(my_htmlspecialchars($string), array('\"'=>'"'));
|
|
59 | 60 |
// reverse potential magic_quotes action |
60 | 61 |
$original_string=$wb->strip_slashes($string); |
61 | 62 |
// Double backslashes (mySQL needs doubly escaped backslashes in LIKE comparisons) |
62 |
$string = addslashes($wb->escape_backslashes($original_string));
|
|
63 |
$string = $wb->escape_backslashes($original_string);
|
|
63 | 64 |
// convert a copy of $string to HTML-ENTITIES |
64 | 65 |
$string_entities = umlauts_to_entities($string); |
65 | 66 |
// and do some convertion to both |
branches/2.6.x/wb/search/search_convert.php | ||
---|---|---|
1 | 1 |
<?php |
2 | 2 |
|
3 |
// $Id: search_convert.php 480 2007-06-11 16:35:58Z Ruebenwurzel $
|
|
3 |
// $Id: search_convert.php 490 2007-06-23 08:13:53Z Ruebenwurzel $
|
|
4 | 4 |
|
5 | 5 |
/* |
6 | 6 |
|
... | ... | |
35 | 35 |
|
36 | 36 |
//htmlspecialchars_decode |
37 | 37 |
$string_htmlspecialchars_decode=array( |
38 |
"<"=>"<", ">"=>">", "&"=>"&", """=>"\"", "'"=>"\'"
|
|
38 |
"<"=>"<", ">"=>">", "&"=>"&", """=>"\"", "'"=>"\'" |
|
39 | 39 |
); |
40 | 40 |
//htmlspecialchars_decode |
41 | 41 |
$string_htmlspecialchars_encode=array( |
42 |
"<"=>"<", ">"=>">", "&"=>"&", "\""=>""", "\'"=>"'"
|
|
42 |
"<"=>"<", ">"=>">", "&"=>"&", "\""=>""", "\'"=>"'" |
|
43 | 43 |
); |
44 | 44 |
|
45 | 45 |
//convert some bad characters |
branches/2.6.x/wb/framework/convert.php | ||
---|---|---|
50 | 50 |
'š'=>'s', |
51 | 51 |
'Ÿ'=>'Y', |
52 | 52 |
'©'=>'(c)','®'=>'(r)','Ð'=>'D','×'=>'x','Ø'=>'O','Þ'=>'TH','ð'=>'d','ø'=>'o','þ'=>'th', |
53 |
'''=>'-','"'=>'-',
|
|
53 |
'''=>'-','''=>'-','"'=>'-',
|
|
54 | 54 |
// latin extended-A |
55 | 55 |
'Ā'=>'A','ā'=>'a','Ă'=>'A','ă'=>'a','Ą'=>'A','ą'=>'a', |
56 | 56 |
'Ć'=>'C','ć'=>'c','Ĉ'=>'C','ĉ'=>'c','č'=>'c','Č'=>'C','ċ'=>'c','Ċ'=>'C', |
branches/2.6.x/wb/framework/frontend.functions.php | ||
---|---|---|
76 | 76 |
$string = entities_to_umlauts($search_string, 'UTF-8'); |
77 | 77 |
$string = strtr($string, $string_ul_umlauts); |
78 | 78 |
// do some magic to prevent < > ... from being highlighted |
79 |
$foo = strtr($foo, array("<"=>"!,,!", ">"=>"!,,,!", "&"=>"!,,,,!", """=>"!,,,,,!", "'"=>"!,,,,,,!"));
|
|
80 |
$string = strtr($string, array("<"=>"!,,!", ">"=>"!,,,!", "&"=>"!,,,,!", """=>"!,,,,,!", "'"=>"!,,,,,,!"));
|
|
79 |
$foo = strtr($foo, array("<"=>"!,,!", ">"=>"!,,,!", "&"=>"!,,,,!", """=>"!,,,,,!", "'"=>"!,,,,,,!")); |
|
80 |
$string = strtr($string, array("<"=>"!,,!", ">"=>"!,,,!", "&"=>"!,,,,!", """=>"!,,,,,!", "'"=>"!,,,,,,!")); |
|
81 | 81 |
$foo = preg_replace('/('.$string.')(?=[^>]*<)/iUS', '<span class="highlight">$1</span>',$foo); |
82 | 82 |
$pos = strpos($foo, '<'); |
83 | 83 |
if ($pos === false) { // "===" means identicaly |
84 | 84 |
$foo = preg_replace('/('.$string.')/i', '<span class="highlight">$1</span>',$foo); |
85 | 85 |
} |
86 |
$foo = strtr($foo, array("!,,!"=>"<", "!,,,!"=>">", "!,,,,!"=>"&", "!,,,,,!"=>""", "!,,,,,,!"=>"'"));
|
|
86 |
$foo = strtr($foo, array("!,,!"=>"<", "!,,,!"=>">", "!,,,,!"=>"&", "!,,,,,!"=>""", "!,,,,,,!"=>"'")); |
|
87 | 87 |
if(DEFAULT_CHARSET != 'utf-8') { |
88 | 88 |
$foo = umlauts_to_defcharset($foo, 'UTF-8'); |
89 | 89 |
} |
branches/2.6.x/wb/framework/functions.php | ||
---|---|---|
341 | 341 |
// Function as replecement for php's htmlspecialchars() |
342 | 342 |
function my_htmlspecialchars($string) { |
343 | 343 |
$string = preg_replace("/&(?=[#a-z0-9]+;)/i", "_x_", $string); |
344 |
$string = strtr($string, array("<"=>"<", ">"=>">", "&"=>"&", "\""=>""", "\'"=>"'"));
|
|
344 |
$string = strtr($string, array("<"=>"<", ">"=>">", "&"=>"&", "\""=>""", "\'"=>"'")); |
|
345 | 345 |
$string = preg_replace("/_x_(?=[#a-z0-9]+;)/i", "&", $string); |
346 | 346 |
return($string); |
347 | 347 |
} |
... | ... | |
431 | 431 |
} |
432 | 432 |
} |
433 | 433 |
} else { |
434 |
$string = strtr($string, array("<"=>"&_lt;", ">"=>"&_gt;", "&"=>"&_amp;", """=>"&_quot;", "'"=>"&_#039;"));
|
|
434 |
$string = strtr($string, array("<"=>"&_lt;", ">"=>"&_gt;", "&"=>"&_amp;", """=>"&_quot;", "'"=>"&_#39;"));
|
|
435 | 435 |
$string=mb_convert_encoding($string, $charset_out, $charset_in); |
436 |
$string = strtr($string, array("&_lt;"=>"<", "&_gt;"=>">", "&_amp;"=>"&", "&_quot;"=>""", "&_#039;"=>"'"));
|
|
436 |
$string = strtr($string, array("&_lt;"=>"<", "&_gt;"=>">", "&_amp;"=>"&", "&_quot;"=>""", "&_#39;"=>"'"));
|
|
437 | 437 |
} |
438 | 438 |
return $string; |
439 | 439 |
} |
... | ... | |
613 | 613 |
); |
614 | 614 |
|
615 | 615 |
if ($in == 'HTML-ENTITIES') { |
616 |
$string = strtr($string, array('''=>''')); // fix a broken entity |
|
616 | 617 |
$string = strtr($string, $named_to_numbered_entities); |
617 | 618 |
$string = preg_replace("/&#([0-9]+);/e", "code_to_utf8($1)", $string); |
618 | 619 |
} |
Also available in: Unified diff
Added changeset [490] to the branches