Diffstat (limited to 'inc')
-rwxr-xr-xinc/poche/Database.class.php13
-rwxr-xr-xinc/poche/Poche.class.php18
2 files changed, 19 insertions, 12 deletions
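diff --git a/inc/poche/Database.class.php b/inc/poche/Database.class.php
index 6f5c9ac0..2257f281 100755
--- a/inc/poche/Database.class.php
+++ b/inc/poche/Database.class.php
@@ -389,12 +389,13 @@ class Database {
 return $this->getHandle()->lastInsertId($column);
 }
 
-public function search($term){
+public function search($term,$id,$limit = ''){
 $search = '%'.$term.'%';
-$query = $this->getHandle()->prepare("SELECT * FROM entries WHERE content LIKE ? OR title LIKE ? OR url LIKE ?"); //searches in content, title and URL
-$query->execute(array($search,$search,$search));
-$entries = $query->fetchAll();
-return $entries;
+$sql_action = ("SELECT * FROM entries WHERE user_id=? AND (content LIKE ? OR title LIKE ? OR url LIKE ?) "); //searches in content, title and URL
+$sql_action .= $this->getEntriesOrder().' ' . $limit;
+$params_action = array($id,$search,$search,$search);
+$query = $this->executeQuery($sql_action, $params_action);
+return $query->fetchAll();
 }
 
 public function retrieveAllTags($user_id, $term = null) {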
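Review bot: `$limit` is appended to the SQL text as a raw string in `$sql_action .= $this->getEntriesOrder().' ' . $limit;`, so only the four `?` placeholders are bound and anything a caller passes as `$limit` becomes part of the statement. The caller in this commit leaves it at the default `''`, which also means the pagination total set in Poche.class.php is not matched by any LIMIT here. I would either take integer offset/count arguments and build the clause from `(int)` casts, or at least state the contract in a comment such as `// $limit must be a trusted "LIMIT n OFFSET m" fragment built from integers, never request data`. `getEntriesOrder()` is defined outside the hunk, so whether its output is restricted to fixed ORDER BY strings should be confirmed there.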
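diff --git a/inc/poche/Poche.class.php b/inc/poche/Poche.class.php
index 7d9faed1..42a2dd9a 100755
--- a/inc/poche/Poche.class.php
+++ b/inc/poche/Poche.class.php
@@ -604,12 +604,18 @@ class Poche
 );
 break;
 
 case 'search':
 if (isset($_GET['search'])){
-$search = $_GET['search'];
-$tpl_vars['entries'] = $this->store->search($search);
-$tpl_vars['nb_results'] = count($tpl_vars['entries']);
+$search = filter_var($_GET['search'], FILTER_SANITIZE_STRING);
+$tpl_vars['entries'] = $this->store->search($search,$this->user->getId());
+$count = count($tpl_vars['entries']);
+$this->pagination->set_total($count);
+$page_links = str_replace(array('previous', 'next'), array(_('previous'), _('next')),
+$this->pagination->page_links('?view=' . $view . '?search=' . $search . '&sort=' . $_SESSION['sort'] . '&' ));
+$tpl_vars['page_links'] = $page_links;
+$tpl_vars['nb_results'] = $count;
+$tpl_vars['search_term'] = $search;
 }
 break;
 case 'view':
 $entry = $this->store->retrieveOneById($id, $this->user->getId());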
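Review bot: The pagination link is built as `'?view=' . $view . '?search=' . $search . ...`, which puts a second `?` where `&` is needed and places `$search` and `$_SESSION['sort']` into a URL without URL-encoding. `FILTER_SANITIZE_STRING` is an HTML-oriented input filter (it strips tags and encodes quotes, and is deprecated since PHP 8.1), so it alters the term that reaches the LIKE query yet is not the right encoding for a query string. I would pass the raw term to the database call, which binds it as a parameter, and encode at each output instead: `$this->pagination->page_links('?view=' . $view . '&search=' . urlencode($search) . '&sort=' . urlencode($_SESSION['sort']) . '&')`. Whether `search_term` is HTML-escaped depends on the template, which is not shown here; the enclosing `switch` starts and ends outside the hunk.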