From e83885c7226cae20ca24ca0a6280c14ccffda6a0 Mon Sep 17 00:00:00 2001 From: FusionPBX Date: Sat, 7 May 2022 09:36:14 -0600 Subject: [PATCH] User Logs - Paging Broken with Search --- core/user_logs/user_logs.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/core/user_logs/user_logs.php b/core/user_logs/user_logs.php index 0b6227becd..748c18af36 100644 --- a/core/user_logs/user_logs.php +++ b/core/user_logs/user_logs.php @@ -17,7 +17,7 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2018 - 2021 + Portions created by the Initial Developer are Copyright (C) 2018 - 2022 the Initial Developer. All Rights Reserved. */ @@ -89,6 +89,7 @@ //add the search if (isset($_GET["search"])) { $search = strtolower($_GET["search"]); + $search = htmlspecialchars($search); } //get the count @@ -117,8 +118,8 @@ //prepare to page the results $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; - $param = $search ? "&search=".$search : null; - $param = ($_GET['show'] == 'all' && permission_exists('user_log_all')) ? "&show=all" : null; + $param = $search ? "search=".$search : null; + $param .= ($_GET['show'] == 'all' && permission_exists('user_log_all')) ? "&show=all" : null; $page = is_numeric($_GET['page']) ? $_GET['page'] : 0; list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); @@ -190,7 +191,7 @@ echo " \n"; } else { - echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?show=all']); + echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$_SESSION['theme']['button_icon_all'],'link'=>'?show=all&search='.$search]); } } echo "";