. '</option>';
}
error_log($optionsHtml);
+
+$dsearchHtml = htmlspecialchars($dsearch,ENT_QUOTES|ENT_SUBSTITUTE);
+
$debut=$offset+1;
$STR = <<<EOT
<TABLE WIDTH="100%" BORDER="0" CellSpacing="0">
<TD align=left>
<FORM action="{$myfilename}.php" method="post">
<FONT SIZE=+1>
-<span class="translatable" trkey="Search">Search</span>
-<input type="text" value="$dsearch" name="dsearch" size=20 style="font-size: 100%;">
-<select name="filterfield" style="font-size:100%;">
-$optionsHtml
-</select>
-<input type="submit" style="display:none"/>
+ <span class="translatable" trkey="Search">Search</span>
+ <input type="text" id="searchInput" value="{$dsearchHtml}" name="dsearch" size=20 style="font-size: 100%;">
+ <select name="filterfield" style="font-size:100%;">
+ $optionsHtml
+ </select>
+ <input type="submit" style="display:none"/>
</FONT>
</FORM>
</TD>