diff options
Diffstat (limited to 'web')
| -rw-r--r-- | web/lib/pkgfuncs.inc | 78 | ||||
| -rw-r--r-- | web/template/pkg_search_results.php | 24 |
2 files changed, 51 insertions, 51 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc index 740d786f..0c0b56c0 100644 --- a/web/lib/pkgfuncs.inc +++ b/web/lib/pkgfuncs.inc @@ -655,22 +655,22 @@ function pkg_search_page($SID="") { // sanitize paging variables // - if (isset($_REQUEST['O'])) { - $O = intval($_REQUEST['O']); - if ($O < 0) - $O = 0; + if (isset($_GET['O'])) { + $_GET['O'] = intval($_GET['O']); + if ($_GET['O'] < 0) + $_GET['O'] = 0; } else { - $O = 0; + $_GET['O'] = 0; } - if (isset($_REQUEST["PP"])) { - $PP = intval($_REQUEST["PP"]); - if ($PP < 25) - $PP = 25; - else if ($PP > 100) - $PP = 100; + if (isset($_GET["PP"])) { + $_GET["PP"] = intval($_GET["PP"]); + if ($_GET["PP"] < 25) + $_GET["PP"] = 25; + else if ($_GET["PP"] > 100) + $_GET["PP"] = 100; } else { - $PP = 25; + $_GET["PP"] = 25; } include('../template/pkg_search_form.php'); @@ -707,83 +707,83 @@ function pkg_search_page($SID="") { // TODO: possibly do string matching on category and // location to make request variable values more sensible - if (intval($_REQUEST["L"])) { - $q .= "AND Packages.LocationID = ".intval($_REQUEST["L"])." "; + if (intval($_GET["L"])) { + $q .= "AND Packages.LocationID = ".intval($_GET["L"])." "; } - if (intval($_REQUEST["C"])) { - $q.= "AND Packages.CategoryID = ".intval($_REQUEST["C"])." "; + if (intval($_GET["C"])) { + $q.= "AND Packages.CategoryID = ".intval($_GET["C"])." "; } - if ($_REQUEST['K']) { - $K = mysql_real_escape_string(trim($_REQUEST['K'])); + if ($_GET['K']) { + $_GET['K'] = mysql_real_escape_string(trim($_GET['K'])); //search by maintainer - if ($_REQUEST["SeB"] == "m"){ - $q.= "AND Users.Username = '".$K."' "; - } elseif ($_REQUEST["SeB"] == "s") { + if ($_GET["SeB"] == "m"){ + $q.= "AND Users.Username = '".$_GET['K']."' "; + } elseif ($_GET["SeB"] == "s") { // FIXME: this shouldn't be making 2 queries // kill the call to uid_from_username - $q.= "AND SubmitterUID = ".uid_from_username($_REQUEST['K'])." "; + $q.= "AND SubmitterUID = ".uid_from_username($_GET['K'])." "; // the default behavior, query the name/description } else { - $q.= "AND (Name LIKE '%".$K."%' OR "; - $q.= "Description LIKE '%".$K."%') "; + $q.= "AND (Name LIKE '%".$_GET['K']."%' OR "; + $q.= "Description LIKE '%".$_GET['K']."%') "; } } - if ($_REQUEST["do_Orphans"]) { + if ($_GET["do_Orphans"]) { $q.= "AND MaintainerUID = 0 "; } - $order = $_REQUEST["SO"] == 'd' ? 'DESC' : 'ASC'; + $order = $_GET["SO"] == 'd' ? 'DESC' : 'ASC'; - switch ($_REQUEST["SB"]) { + switch ($_GET["SB"]) { case 'c': $q.= "ORDER BY CategoryID ".$order.", Name ASC, LocationID ASC "; - $SB = 'c'; + $_GET["SB"] = 'c'; break; case 'l': $q.= "ORDER BY LocationID ".$order.", Name ASC, CategoryID DESC "; - $SB = 'l'; + $_GET["SB"] = 'l'; break; case 'v': $q.= "ORDER BY NumVotes ".$order.", Name ASC, CategoryID DESC "; - $SB = 'v'; + $_GET["SB"] = 'v'; break; case 'm': $q.= "ORDER BY Maintainer ".$order.", Name ASC, LocationID ASC "; - $SB = 'm'; + $_GET["SB"] = 'm'; break; case 'a': $q.= "ORDER BY GREATEST(SubmittedTS,ModifiedTS) ".$order.", Name ASC, LocationID ASC "; - $SB = 'a'; + $_GET["SB"] = 'a'; break; default: $q.= "ORDER BY Name ".$order.", LocationID ASC, CategoryID DESC "; break; } - $q.= "LIMIT ".$O.", ".$PP; + $q.= "LIMIT ".$_GET["O"].", ".$_GET["PP"]; $result = db_query($q, $dbh); $total = mysql_result(db_query('SELECT FOUND_ROWS() AS Total', $dbh), 0); if ($result && $total > 0) { - if ($_REQUEST["SO"] == "d"){ + if ($_GET["SO"] == "d"){ $SO_next="a"; - $SO = 'd'; + $_GET["SO"] = 'd'; } else { $SO_next="d"; - $SO = 'a'; + $_GET["SO"] = 'a'; } } // figure out the results to use - $first = $O + 1; + $first = $_GET['O'] + 1; - if (($PP+$O) > $total) { + if (($_GET['PP']+$_GET['O']) > $total) { $last = $total; } else { - $last = $PP + $O; + $last = $_GET['PP'] + $_GET['O']; } include('pkg_search_results.php'); diff --git a/web/template/pkg_search_results.php b/web/template/pkg_search_results.php index 12b32a13..a1cb038e 100644 --- a/web/template/pkg_search_results.php +++ b/web/template/pkg_search_results.php @@ -1,6 +1,6 @@ <?php # Encode search string -$K = urlencode($K); +$_GET['K'] = urlencode($_GET['K']); ?> <form action='packages.php?<?php print $_SERVER['QUERY_STRING'] ?>' method='post'> <center> @@ -26,16 +26,16 @@ $K = urlencode($K); <th style='border-bottom: #666 1px solid; vertical-align: bottom'> </th> <?php endif; ?> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'> - <?php print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=l&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Location")."</a>"; ?> + <a href='?<?php print mkurl('SB=l&SO=' . $SO_next) ?>'><?php print __("Location") ?></a> </span></th> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'> - <?php print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=c&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Category")."</a>"; ?> + <a href='?<?php print mkurl('SB=c&SO=' . $SO_next) ?>'><?php print __("Category") ?></a> </span></th> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'> - <?php print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=n&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Name")."</a>"; ?> + <a href='?<?php print mkurl('SB=n&SO=' . $SO_next) ?>'><?php print __("Name") ?></a> </span></th> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'> - <?php print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=v&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Votes")."</a>"; ?> + <a href='?<?php print mkurl('SB=v&SO=' . $SO_next) ?>'><?php print __("Votes") ?></a> </span></th> <?php if ($SID): ?> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'><?php print __("Voted") ?></span></th> @@ -43,7 +43,7 @@ $K = urlencode($K); <?php endif; ?> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'><?php print __("Description") ?></a></span></th> <th style='border-bottom: #666 1px solid; vertical-align: bottom'><span class='f2'> - <?php print "<a href='?O=$O&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=m&SO=$SO_next&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]."'>".__("Maintainer")."</a>"; ?> + <a href='?<?php print mkurl('SB=m&SO=' . $SO_next) ?>'><?php print __("Maintainer") ?></a> </span></th> </tr> @@ -125,15 +125,15 @@ for ($i = 0; $row = mysql_fetch_assoc($result); $i++) { </tr> <tr> <td align='left'> - <?php if (($O-$PP) >= 0): ?> - <?php print "<a href='packages.php?O=" . ($O - $PP) . "&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=$SB&SO=$SO&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]. "'>" . __("Less") . "</a>" ?> - <?php elseif ($O<$PP && $O>0): ?> - <?php print "<a href='packages.php?O=0&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"])."&K=$K&SB=$SB&SO=$SO&PP=$PP&SeB=".$_REQUEST["SeB"]."&do_Orphans=".$_REQUEST["do_Orphans"]. "'>" . __("Less") . "</a>" ?> + <?php if (($_GET['O'] - $_GET['PP']) >= 0): ?> + <a href="packages.php?<?php print mkurl('O=' . ($_GET['O'] - $_GET['PP'])) ?>"><?php print __("Less") ?></a> + <?php elseif ($_GET['O']<$_GET['PP'] && $_GET['O']>0): ?> + <a href="packages.php?<?php print mkurl('O=0') ?>"><?php print __("Less") ?></a> <?php endif; ?> </td> <td align='right'> - <?php if ($total - $PP - $O > 0): ?> - <?php print "<a href='packages.php?O=" . ($O + $PP) . "&L=".intval($_REQUEST["L"])."&C=".intval($_REQUEST["C"]) . "&K=$K&SB=$SB&SO=$SO&PP=$PP&SeB=".$_REQUEST["SeB"] . "&do_Orphans=".$_REQUEST["do_Orphans"]."'>" . __("More") . "</a>" ?> + <?php if ($total - $_GET['PP'] - $_GET['O'] > 0): ?> + <a href='packages.php?<?php print mkurl('O=' . ($_GET['O'] + $_GET['PP'])) ?>'><?php print __("More") ?></a> <?php endif; ?> </td> </tr> |