From: <de...@de...> - 2008-12-04 03:05:03
|
Author: PeterThoeny Date: 2008-12-03 21:04:56 -0600 (Wed, 03 Dec 2008) New Revision: 17767 Trac url: http://develop.twiki.org/trac/changeset/17767 Modified: twiki/trunk/core/data/TWiki/WebSearch.txt twiki/trunk/core/data/TWiki/WebSearchAdvanced.txt Log: Item6137: %URLPARAM% in HTML input form fields need to be entity encoded (follow-up fix, alredy in hotfix) Modified: twiki/trunk/core/data/TWiki/WebSearch.txt =================================================================== --- twiki/trunk/core/data/TWiki/WebSearch.txt 2008-12-04 03:03:05 UTC (rev 17766) +++ twiki/trunk/core/data/TWiki/WebSearch.txt 2008-12-04 03:04:56 UTC (rev 17767) @@ -1,15 +1,15 @@ -%META:TOPICINFO{author="BaseUserMapping_333" date="1228138146" format="1.1" version="1.2"}% +%META:TOPICINFO{author="TWikiContributor" date="1228358828" format="1.1" version="$Rev$"}% %META:TOPICPARENT{name="WebHome"}% ---+ %MAKETEXT{"Web Search"}% -%IF{"defined search" then='%ICON{feed}% <a href="%SCRIPTURL{"view"}%/%BASEWEB%/WebRss?search=%URLPARAM{"search" encode="url"}%;type=%IF{"'%URLPARAM{"regex"}%'='on' OR '%URLPARAM{"type"}%'='regex'" then="regex" else="word"}%;excludetopic=%BASETOPIC%,WebHome,WebStatistics;web=%URLPARAM{"web" default="%BASEWEB%"}%;limit=%URLPARAM{"limit" default="all"}%;scope=%URLPARAM{"scope" default="text"}%;casesensitive=%URLPARAM{"casesensitive" default="off"}%">%MAKETEXT{"Get notified on changes on this search"}%</a>'}% +%IF{"defined search" then='%ICON{feed}% <a href="%SCRIPTURL{"view"}%/%BASEWEB%/WebRss?search=%URLPARAM{"search" encode="url"}%;type=%IF{"'%URLPARAM{"regex" encode="url"}%'='on' OR '%URLPARAM{"type" encode="url"}%'='regex'" then="regex" else="word"}%;excludetopic=%BASETOPIC%,WebHome,WebStatistics;web=%URLPARAM{"web" encode="url" default="%BASEWEB%"}%;limit=%URLPARAM{"limit" encode="url" default="all"}%;scope=%URLPARAM{"scope" encode="url" default="text"}%;casesensitive=%URLPARAM{"casesensitive" encode="url" default="off"}%">%MAKETEXT{"Get notified on changes on this search"}%</a>'}% %SEARCH{ "%URLPARAM{"search" encode="quote"}%" -type="%URLPARAM{"type" default="word"}%" -scope="%URLPARAM{"scope"}%" -web="%URLPARAM{web}%" -nosearch="%URLPARAM{nosearch}%" +type="%URLPARAM{"type" encode="quote" default="word"}%" +scope="%URLPARAM{"scope" encode="quote"}%" +web="%URLPARAM{"web" encode="quote"}%" +nosearch="%URLPARAM{"nosearch" encode="quote"}%" zeroresults="%IF{ "defined search" then="on" else="off" }%" }% @@ -21,16 +21,16 @@ <tr> <td colspan="2" class="twikiFirstRow"> <input type="text" class="twikiInputField" name="search" value="%URLPARAM{ "search" encode="entity" }%" size="40" /> - <input type="submit" class="twikiSubmit" value='%MAKETEXT{"Search"}%' /><span class="twikiSmall"> <a href='%SCRIPTURL{view}%/%INCLUDINGWEB%/WebSearchAdvanced?search=%URLPARAM{"search" encode="url"}%;type=%URLPARAM{"type" default="word"}%;scope=%URLPARAM{scope}%;web=%URLPARAM{web}%;nosearch=%URLPARAM{nosearch}%'>%MAKETEXT{"Advanced search"}%</a> | [[%SYSTEMWEB%.SearchHelp][%MAKETEXT{"Help"}%]]</span> + <input type="submit" class="twikiSubmit" value='%MAKETEXT{"Search"}%' /><span class="twikiSmall"> <a href='%SCRIPTURL{view}%/%INCLUDINGWEB%/WebSearchAdvanced?search=%URLPARAM{"search" encode="url"}%;type=%URLPARAM{"type" encode="url" default="word"}%;scope=%URLPARAM{"scope" encode="url"}%;web=%URLPARAM{"web" encode="url"}%;nosearch=%URLPARAM{"nosearch" encode="url"}%'>%MAKETEXT{"Advanced search"}%</a> | [[%SYSTEMWEB%.SearchHelp][%MAKETEXT{"Help"}%]]</span> <div class="twikiSmall" style="padding:1em 0 0 0;">%MAKETEXT{"TIP: to search for all topics that contain =\"SOAP\"=, =\"WSDL\"=, a literal =\"web service\"=, but not =\"shampoo\"=, write:"}% <code>soap wsdl "web service" -shampoo</code></div> </td> </tr> <tr> <th class="twikiLast">%MAKETEXT{"Search where:"}%</th> <td class="twikiLast"> -<input type="radio" class="twikiRadioButton" id="textbody" name="scope" value="text" %IF{" '%URLPARAM{scope}%' = 'text' " then="checked=\"checked\"" else=""}% /><label for="textbody"> %MAKETEXT{"Text body"}%</label> <input type="radio" class="twikiRadioButton" id="topictitle" name="scope" value="topic" %IF{" '%URLPARAM{scope}%' = 'topic' " then="checked=\"checked\"" else=""}% /><label for="topictitle"> %MAKETEXT{"Topic title"}%</label> <input type="radio" class="twikiRadioButton" id="both" name="scope" value="all" %IF{" '%URLPARAM{"scope" default="all"}%' = 'all' " then="checked=\"checked\"" else=""}% /><label for="both"> %MAKETEXT{"Both body and title"}%</label> +<input type="radio" class="twikiRadioButton" id="textbody" name="scope" value="text" %IF{" '%URLPARAM{"scope" encode="entity"}%' = 'text' " then="checked=\"checked\"" else=""}% /><label for="textbody"> %MAKETEXT{"Text body"}%</label> <input type="radio" class="twikiRadioButton" id="topictitle" name="scope" value="topic" %IF{" '%URLPARAM{"scope" encode="entity"}%' = 'topic' " then="checked=\"checked\"" else=""}% /><label for="topictitle"> %MAKETEXT{"Topic title"}%</label> <input type="radio" class="twikiRadioButton" id="both" name="scope" value="all" %IF{" '%URLPARAM{"scope" encode="entity" default="all"}%' = 'all' " then="checked=\"checked\"" else=""}% /><label for="both"> %MAKETEXT{"Both body and title"}%</label> <hr /> -<input type="checkbox" class="twikiCheckbox" id="web" name="web" value="all" %IF{" '%URLPARAM{web}%' = 'all'" then="checked=\"checked\"" else=""}% /><label for="web"> %MAKETEXT{"All public webs"}%</label> <span class="twikiSmall">%MAKETEXT{"(otherwise search [_1] Web only)" args="<nop>%INCLUDINGWEB%"}%</span> +<input type="checkbox" class="twikiCheckbox" id="web" name="web" value="all" %IF{" '%URLPARAM{"web" encode="entity"}%' = 'all'" then="checked=\"checked\"" else=""}% /><label for="web"> %MAKETEXT{"All public webs"}%</label> <span class="twikiSmall">%MAKETEXT{"(otherwise search [_1] Web only)" args="<nop>%INCLUDINGWEB%"}%</span> </td> </tr> </table> Modified: twiki/trunk/core/data/TWiki/WebSearchAdvanced.txt =================================================================== --- twiki/trunk/core/data/TWiki/WebSearchAdvanced.txt 2008-12-04 03:03:05 UTC (rev 17766) +++ twiki/trunk/core/data/TWiki/WebSearchAdvanced.txt 2008-12-04 03:04:56 UTC (rev 17767) @@ -1,22 +1,22 @@ -%META:TOPICINFO{author="TWikiContributor" date="1167874036" format="1.0" version="$Rev$"}% +%META:TOPICINFO{author="TWikiContributor" date="1228358859" format="1.1" version="$Rev$"}% %META:TOPICPARENT{name="WebSearch"}% ---+ %MAKETEXT{"Advanced Search"}% -%IF{"defined search" then='%ICON{feed}% <a href="%SCRIPTURL{"view"}%/%BASEWEB%/WebRss?search=%URLPARAM{"search" encode="url"}%;type=%IF{"'%URLPARAM{"regex"}%'='on' OR '%URLPARAM{"type"}%'='regex'" then="regex" else="word"}%;excludetopic=%BASETOPIC%,WebHome,WebStatistics;web=%URLPARAM{"web" default="%BASEWEB%"}%;limit=%URLPARAM{"limit" default="all"}%;scope=%URLPARAM{"scope" default="text"}%;casesensitive=%URLPARAM{"casesensitive" default="off"}%">%MAKETEXT{"Get notified on changes on this search"}%</a>'}% +%IF{"defined search" then='%ICON{feed}% <a href="%SCRIPTURL{"view"}%/%BASEWEB%/WebRss?search=%URLPARAM{"search" encode="url"}%;type=%IF{"'%URLPARAM{"regex" encode="url"}%'='on' OR '%URLPARAM{"type" encode="url"}%'='regex'" then="regex" else="word"}%;excludetopic=%BASETOPIC%,WebHome,WebStatistics;web=%URLPARAM{"web" encode="url" default="%BASEWEB%"}%;limit=%URLPARAM{"limit" encode="url" default="all"}%;scope=%URLPARAM{"scope" encode="url" default="text"}%;casesensitive=%URLPARAM{"casesensitive" encode="url" default="off"}%">%MAKETEXT{"Get notified on changes on this search"}%</a>'}% %SEARCH{ "%URLPARAM{"search" encode="quote"}%" -type="%IF{" '%URLPARAM{regex}%' = 'on' or '%URLPARAM{type}%' = 'regex'" then="regex" else="word"}%" -scope="%URLPARAM{scope}%" -web="%URLPARAM{web}%" -nosearch="%URLPARAM{nosearch}%" -casesensitive="%URLPARAM{casesensitive}%" -bookview="%URLPARAM{bookview}%" -nosummary="%URLPARAM{nosummary}%" -nototal="%URLPARAM{nototal}%" -order="%URLPARAM{order}%" -reverse="%URLPARAM{reverse}%" -limit="%URLPARAM{limit}%" +type="%IF{" '%URLPARAM{"regex" encode="entity"}%' = 'on' or '%URLPARAM{"type" encode="entity"}%' = 'regex'" then="regex" else="word"}%" +scope="%URLPARAM{"scope" encode="quote"}%" +web="%URLPARAM{"web" encode="quote"}%" +nosearch="%URLPARAM{"nosearch" encode="quote"}%" +casesensitive="%URLPARAM{"casesensitive" encode="quote"}%" +bookview="%URLPARAM{"bookview" encode="quote"}%" +nosummary="%URLPARAM{"nosummary" encode="quote"}%" +nototal="%URLPARAM{"nototal" encode="quote"}%" +order="%URLPARAM{"order" encode="quote"}%" +reverse="%URLPARAM{"reverse" encode="quote"}%" +limit="%URLPARAM{"limit" encode="quote"}%" zeroresults="%IF{ "defined search" then="on" else="off" }%" }% @@ -28,46 +28,46 @@ <tr> <td colspan="2" class="twikiFirstRow"> <input class="twikiInputField" type="text" name="search" value="%URLPARAM{ "search" encode="entity" }%" size="40" /> - <input type="submit" class="twikiSubmit" value='%MAKETEXT{"Search"}%' /><span class="twikiSmall"> <a href='%SCRIPTURL{view}%/%INCLUDINGWEB%/WebSearch?search=%URLPARAM{"search" encode="url"}%;type=%URLPARAM{"type" default="word"}%;scope=%URLPARAM{scope}%;web=%URLPARAM{web}%;nosearch=%URLPARAM{nosearch}%'>%MAKETEXT{"Simple search"}%</a> | [[%SYSTEMWEB%.SearchHelp][%MAKETEXT{"Help"}%]]</span> + <input type="submit" class="twikiSubmit" value='%MAKETEXT{"Search"}%' /><span class="twikiSmall"> <a href='%SCRIPTURL{view}%/%INCLUDINGWEB%/WebSearch?search=%URLPARAM{"search" encode="url"}%;type=%URLPARAM{"type" encode="url" default="word"}%;scope=%URLPARAM{"scope" encode="url"}%;web=%URLPARAM{"web" encode="url"}%;nosearch=%URLPARAM{"nosearch" encode="url"}%'>%MAKETEXT{"Simple search"}%</a> | [[%SYSTEMWEB%.SearchHelp][%MAKETEXT{"Help"}%]]</span> <div class="twikiSmall" style="padding:1em 0 0 0;">%MAKETEXT{"TIP: to search for all topics that contain =\"SOAP\"=, =\"WSDL\"=, a literal =\"web service\"=, but not =\"shampoo\"=, write:"}% <code>soap wsdl "web service" -shampoo</code></div> </td> </tr> <tr> <th>%MAKETEXT{"Search where:"}%</th> <td> -<input type="radio" class="twikiRadioButton" id="textbody" name="scope" value="text" %IF{" '%URLPARAM{"scope"}%' = 'text' " then="checked=\"checked\"" else=""}% /><label for="textbody"> %MAKETEXT{"Text body"}%</label><br /> -<input type="radio" class="twikiRadioButton" id="topictitle" name="scope" value="topic" %IF{" '%URLPARAM{"scope" default="all"}%' = 'topic' " then="checked=\"checked\"" else=""}% /><label for="topictitle"> %MAKETEXT{"Topic title"}%</label><br /> -<input type="radio" class="twikiRadioButton" id="both" name="scope" value="all" %IF{" '%URLPARAM{"scope" default="all"}%' = 'all' " then="checked=\"checked\"" else=""}% /><label for="both"> %MAKETEXT{"Both body and title"}%</label> +<input type="radio" class="twikiRadioButton" id="textbody" name="scope" value="text" %IF{" '%URLPARAM{"scope" encode="entity"}%' = 'text' " then="checked=\"checked\"" else=""}% /><label for="textbody"> %MAKETEXT{"Text body"}%</label><br /> +<input type="radio" class="twikiRadioButton" id="topictitle" name="scope" value="topic" %IF{" '%URLPARAM{"scope" encode="entity" default="all"}%' = 'topic' " then="checked=\"checked\"" else=""}% /><label for="topictitle"> %MAKETEXT{"Topic title"}%</label><br /> +<input type="radio" class="twikiRadioButton" id="both" name="scope" value="all" %IF{" '%URLPARAM{"scope" encode="entity" default="all"}%' = 'all' " then="checked=\"checked\"" else=""}% /><label for="both"> %MAKETEXT{"Both body and title"}%</label> <hr /> -<input type="checkbox" class="twikiCheckbox" id="web" name="web" value="all" %IF{" '%URLPARAM{web}%' = 'all'" then="checked=\"checked\"" else=""}% /><label for="web"> %MAKETEXT{"All public webs"}%</label> <span class="twikiSmall">%MAKETEXT{"(otherwise search [_1] Web only)" args="<nop>%INCLUDINGWEB%"}%</span> +<input type="checkbox" class="twikiCheckbox" id="web" name="web" value="all" %IF{" '%URLPARAM{"web" encode="entity"}%' = 'all'" then="checked=\"checked\"" else=""}% /><label for="web"> %MAKETEXT{"All public webs"}%</label> <span class="twikiSmall">%MAKETEXT{"(otherwise search [_1] Web only)" args="<nop>%INCLUDINGWEB%"}%</span> </td> </tr> <tr> <th>%MAKETEXT{"Sort results by:"}%</th> <td> -<input type="radio" class="twikiRadioButton" id="topic" name="order" value="topic" %IF{" '%URLPARAM{"order" default="topic"}%' = 'topic' " then="checked=\"checked\"" else=""}% /><label for="topic"> %MAKETEXT{"Topic name"}%</label><br /> -<input type="radio" class="twikiRadioButton" id="modified" name="order" value="modified" %IF{" '%URLPARAM{order}%' = 'modified' " then="checked=\"checked\"" else=""}% /><label for="modified"> %MAKETEXT{"Last modified time"}%</label><br /> -<input type="radio" class="twikiRadioButton" id="editby" name="order" value="editby" %IF{" '%URLPARAM{order}%' = 'editby' " then="checked=\"checked\"" else=""}% /><label for="editby"> %MAKETEXT{"Last editor"}%</label> +<input type="radio" class="twikiRadioButton" id="topic" name="order" value="topic" %IF{" '%URLPARAM{"order" encode="entity" default="topic"}%' = 'topic' " then="checked=\"checked\"" else=""}% /><label for="topic"> %MAKETEXT{"Topic name"}%</label><br /> +<input type="radio" class="twikiRadioButton" id="modified" name="order" value="modified" %IF{" '%URLPARAM{"order" encode="entity"}%' = 'modified' " then="checked=\"checked\"" else=""}% /><label for="modified"> %MAKETEXT{"Last modified time"}%</label><br /> +<input type="radio" class="twikiRadioButton" id="editby" name="order" value="editby" %IF{" '%URLPARAM{"order" encode="entity"}%' = 'editby' " then="checked=\"checked\"" else=""}% /><label for="editby"> %MAKETEXT{"Last editor"}%</label> <hr /> -<input type="checkbox" class="twikiCheckbox" name="reverse" id="reverse" %IF{" '%URLPARAM{reverse}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="reverse"> %MAKETEXT{"In reversed order"}%</label> +<input type="checkbox" class="twikiCheckbox" name="reverse" id="reverse" %IF{" '%URLPARAM{"reverse" encode="entity"}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="reverse"> %MAKETEXT{"In reversed order"}%</label> </td> </tr> <tr> <th>%MAKETEXT{"Make search:"}%</th> -<td><input type="checkbox" class="twikiCheckbox" id="casesensitive" name="casesensitive" %IF{" '%URLPARAM{casesensitive}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="casesensitive"> %MAKETEXT{"Case sensitive"}%</label><br /> -<input type="checkbox" class="twikiCheckbox" id="regex" name="regex" %IF{" '%URLPARAM{regex}%' = 'on' or '%URLPARAM{type}%' = 'regex'" then="checked=\"checked\"" else=""}% /><label for="regex"> %MAKETEXT{"Regular expression search"}%</label> <span class="twikiSmall">%MAKETEXT{"(semicolon =;= for and)"}% [[%SYSTEMWEB%.RegularExpression][%MAKETEXT{"about regular expression search"}%]]</span> +<td><input type="checkbox" class="twikiCheckbox" id="casesensitive" name="casesensitive" %IF{" '%URLPARAM{"casesensitive" encode="entity"}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="casesensitive"> %MAKETEXT{"Case sensitive"}%</label><br /> +<input type="checkbox" class="twikiCheckbox" id="regex" name="regex" %IF{" '%URLPARAM{"regex" encode="entity"}%' = 'on' or '%URLPARAM{"type" encode="entity"}%' = 'regex'" then="checked=\"checked\"" else=""}% /><label for="regex"> %MAKETEXT{"Regular expression search"}%</label> <span class="twikiSmall">%MAKETEXT{"(semicolon =;= for and)"}% [[%SYSTEMWEB%.RegularExpression][%MAKETEXT{"about regular expression search"}%]]</span> </td> </tr> <tr> <th><b>%MAKETEXT{"Don't show:"}%</b></th> -<td><input type="checkbox" class="twikiCheckbox" id="nosearch" name="nosearch" %IF{" '%URLPARAM{nosearch}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="nosearch"> %MAKETEXT{"Search string"}%</label><br /> -<input type="checkbox" class="twikiCheckbox" id="nosummary" name="nosummary" %IF{" '%URLPARAM{nosummary}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="nosummary"> %MAKETEXT{"Summaries"}%</label><br /> -<input type="checkbox" class="twikiCheckbox" id="nototal" name="nototal" %IF{" '%URLPARAM{nototal}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="nototal"> %MAKETEXT{"Total matches"}%</label> +<td><input type="checkbox" class="twikiCheckbox" id="nosearch" name="nosearch" %IF{" '%URLPARAM{"nosearch" encode="entity"}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="nosearch"> %MAKETEXT{"Search string"}%</label><br /> +<input type="checkbox" class="twikiCheckbox" id="nosummary" name="nosummary" %IF{" '%URLPARAM{"nosummary" encode="entity"}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="nosummary"> %MAKETEXT{"Summaries"}%</label><br /> +<input type="checkbox" class="twikiCheckbox" id="nototal" name="nototal" %IF{" '%URLPARAM{"nototal" encode="entity"}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="nototal"> %MAKETEXT{"Total matches"}%</label> </td> </tr> <tr> <th>%MAKETEXT{"Do show:"}%</th> -<td><input type="checkbox" class="twikiCheckbox" id="bookview" name="bookview" %IF{" '%URLPARAM{bookview}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="bookview"> !BookView</label> <span class="twikiSmall">[[%SYSTEMWEB%.BookView][%MAKETEXT{"about !BookView"}%]]</span> +<td><input type="checkbox" class="twikiCheckbox" id="bookview" name="bookview" %IF{" '%URLPARAM{"bookview" encode="entity"}%' = 'on' " then="checked=\"checked\"" else=""}% /><label for="bookview"> !BookView</label> <span class="twikiSmall">[[%SYSTEMWEB%.BookView][%MAKETEXT{"about !BookView"}%]]</span> </td> </tr> <tr> |