escape rev and search to avoid XSS breach

[Badatos]

Hello,
I think theses small changes will prevent some XSS breach issued in #228

[michael-o]

The original issue lists several other spots. Did you test then or simply limit your PR for this file?

[Badatos]

I don't know exactly how many gaps this PR fills, but at least all files that use createSearchSelectionForm.

I've tested on listing.php?search=1%27)%22AutoFocus/ContentEditable/OnFocusIn=(confirm)(1)//&a=xxx&api=xxx&begindate=4&cat=aug url and confirm this gap is filled.

[michael-o]

I meant these #228 (comment)

[Badatos]

I meant these #228 (comment)

These aren't confirmed vulnerabilities, but rather leads to follow.
If you have a list of URLs of confirmed vulnerabilities, I could potentially run some tests on these.

[Badatos]

Tested also on URL like this :
search.php?repname=REPO&rev=1&search=%22%3E%3Cscript%3Ealert%28%27TEST%27%29%3C%2Fscript%3E

And the same fix corrects it ;)