From db9f04b32b3fe04e09f16335207870264df60e56 Mon Sep 17 00:00:00 2001
From: Antonio Gallo <tonicucoz@gmail.com>
Date: Mon, 7 Feb 2011 14:54:23 +0000
Subject: improved search page

---
 h-source/Application/Controllers/SearchController.php | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/h-source/Application/Controllers/SearchController.php b/h-source/Application/Controllers/SearchController.php
index cb314c5..3d65d2c 100644
--- a/h-source/Application/Controllers/SearchController.php
+++ b/h-source/Application/Controllers/SearchController.php
@@ -128,15 +128,15 @@ class SearchController extends BaseController
 						if (next($lspciArray) !== false)
 						{
 							$item = trim(current($lspciArray));
-							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\,\;\:\+\s\(\)\/\[\]]+$/i', $item ) )
+							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\,\;\:\+\s\(\)\/\[\]\#]+$/i', $item ) )
 							{
 								$flag = false;
 								break;
 							}
 							if( preg_match( '/Class\:(.*)\[(.*)\]/i', $item, $matches ) )
 							{
-								$temp['className'] =  $matches[1];
-								$temp['classId'] =  $matches[2];
+								$temp['className'] =  sanitizeAll($matches[1]);
+								$temp['classId'] =  sanitizeAll($matches[2]);
 							}
 							else
 							{
@@ -154,15 +154,15 @@ class SearchController extends BaseController
 						if (next($lspciArray) !== false)
 						{
 							$item = trim(current($lspciArray));
-							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\,\;\:\+\s\(\)\/\[\]]+$/i', $item ) )
+							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\,\;\:\+\s\(\)\/\[\]\#]+$/i', $item ) )
 							{
 								$flag = false;
 								break;
 							}
 							if( preg_match( '/Vendor\:(.*)\[(.*)\]/i', $item, $matches ) )
 							{
-								$temp['vendorName'] =  $matches[1];
-								$temp['vendorId'] =  $matches[2];
+								$temp['vendorName'] =  sanitizeAll($matches[1]);
+								$temp['vendorId'] =  sanitizeAll($matches[2]);
 							}
 							else
 							{
@@ -180,15 +180,15 @@ class SearchController extends BaseController
 						if (next($lspciArray) !== false)
 						{
 							$item = trim(current($lspciArray));
-							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\,\;\:\+\s\(\)\/\[\]]+$/i', $item ) )
+							if( !preg_match( '/^[a-zA-Z0-9\-\_\.\,\;\:\+\s\(\)\/\[\]\#]+$/i', $item ) )
 							{
 								$flag = false;
 								break;
 							}
 							if( preg_match( '/Device\:(.*)\[(.*)\]/i', $item, $matches ) )
 							{
-								$temp['deviceName'] =  $matches[1];
-								$temp['deviceId'] =  $matches[2];
+								$temp['deviceName'] =  sanitizeAll($matches[1]);
+								$temp['deviceId'] =  sanitizeAll($matches[2]);
 							}
 							else
 							{
-- 
cgit v1.2.3