From: Gilles D. <gr...@sc...> - 2002-02-13 16:52:08
|
According to Gabriele Bartolini: > >opened up any security holes right in htsearch. What did you have > >to change directly in htsearch, or did you manage everything by using > >template files to spit out the PHP code? I think the more you do with > > Sorry Gilles, I didn't explain it very well! > > Yes, everything is made by using template files. No change to the internal > code. For instance this is the header template file content: > > \$_Head['matches'] = $(MATCHES); > \$_Head['firstdisplayed'] = $(FIRSTDISPLAYED); > \$_Head['lastdisplayed'] = $(LASTDISPLAYED); > \$_Head['logical_words'] = '$%(LOGICAL_WORDS)'; > \$i = 0; > > whereas here is the code for the results template: > > \$_Results[\$i]['title'] = '$%(TITLE)'; > \$_Results[\$i]['url'] = '$%(URL)'; > \$_Results[\$i]['percent'] = $(PERCENT); > \$_Results[\$i]['excerpt'] = '$%(EXCERPT)'; > \$i += 1; > > As you can see I am not using all of the variables. Just a few. Anyway, I > just need to evaluate the code resulting from htsearch and ... that's it. I > have 2 associative arrays, one called $_Head and one called $_Result. > > Let me know what you think about it! Looks reasonable to me. What about doing anything with $(MODIFIED) and $(SIZE) in $_Results? I know, it's just my bias, but I like seeing those in search results. I also noticed you don't use $(WORD) in $_Head, nor any of the other template variables commonly used for the followup search form (e.g. RESTRICT, EXCLUDE, CONFIG, SELECTED_FORMAT, SELECTED_METHOD and SELECTED_SORT), so I'm assuming that you don't have a followup form. Maybe I'm wrong, though, and you simply propagate the user input to the followup form directly in PHP, without the need for anything from htsearch. Is that right? -- Gilles R. Detillieux E-mail: <gr...@sc...> Spinal Cord Research Centre WWW: http://www.scrc.umanitoba.ca/~grdetil Dept. Physiology, U. of Manitoba Phone: (204)789-3766 Winnipeg, MB R3E 3J7 (Canada) Fax: (204)789-3930 |