|
@@ -36,28 +36,39 @@ function printDropdownBookmarksList()
|
|
|
|
|
|
$langs->load("bookmarks");
|
|
|
|
|
|
+ $authorized_var=array('limit','optioncss','contextpage');
|
|
|
$url = $_SERVER["PHP_SELF"];
|
|
|
-
|
|
|
+ $url_param=array();
|
|
|
if (!empty($_SERVER["QUERY_STRING"])) {
|
|
|
- $url .= (dol_escape_htmltag($_SERVER["QUERY_STRING"]) ? '?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]) : '');
|
|
|
- } else {
|
|
|
- global $sortfield, $sortorder;
|
|
|
- $tmpurl = '';
|
|
|
- // No urlencode, all param $url will be urlencoded later
|
|
|
- if ($sortfield) {
|
|
|
- $tmpurl .= ($tmpurl ? '&' : '').'sortfield='.urlencode($sortfield);
|
|
|
- }
|
|
|
- if ($sortorder) {
|
|
|
- $tmpurl .= ($tmpurl ? '&' : '').'sortorder='.urlencode($sortorder);
|
|
|
- }
|
|
|
- if (is_array($_POST)) {
|
|
|
- foreach ($_POST as $key => $val) {
|
|
|
- if (preg_match('/^search_/', $key) && $val != '') {
|
|
|
- $tmpurl .= ($tmpurl ? '&' : '').http_build_query(array($key => $val));
|
|
|
+ if (is_array($_GET)) {
|
|
|
+ foreach ($_GET as $key => $val) {
|
|
|
+ if ($val != '') {
|
|
|
+ $url_param[$key]=http_build_query(array(dol_escape_htmltag($key) => dol_escape_htmltag($val)));
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
- $url .= ($tmpurl ? '?'.$tmpurl : '');
|
|
|
+ }
|
|
|
+ global $sortfield, $sortorder;
|
|
|
+ $tmpurl = '';
|
|
|
+ // No urlencode, all param $url will be urlencoded later
|
|
|
+ if ($sortfield) {
|
|
|
+ $tmpurl .= ($tmpurl ? '&' : '').'sortfield='.urlencode($sortfield);
|
|
|
+ }
|
|
|
+ if ($sortorder) {
|
|
|
+ $tmpurl .= ($tmpurl ? '&' : '').'sortorder='.urlencode($sortorder);
|
|
|
+ }
|
|
|
+ if (is_array($_POST)) {
|
|
|
+ foreach ($_POST as $key => $val) {
|
|
|
+ if ((preg_match('/^search_/', $key) || in_array($key, $authorized_var))
|
|
|
+ && $val != ''
|
|
|
+ && !array_key_exists($key, $url_param)) {
|
|
|
+ $url_param[$key]=http_build_query(array(dol_escape_htmltag($key) => dol_escape_htmltag($val)));
|
|
|
+ }
|
|
|
+ }
|
|
|
+ }
|
|
|
+ $url .= ($tmpurl ? '?'.$tmpurl : '');
|
|
|
+ if (!empty($url_param)) {
|
|
|
+ $url .= '&'.implode('&', $url_param);
|
|
|
}
|
|
|
|
|
|
$searchForm = '<!-- form with POST method by default, will be replaced with GET for external link by js -->'."\n";
|