This is actually for the blog-demo-enhanced, but I have confirmed that it can be applied to the original blog demo as well.
I have noticed that this patch has a bug, which appears when the number of search results exceeds the postsPerPage parameter.
I know that the bug can be resolved when the search string appears in $_GET, because I do not have it in $_POST on the second attempt, after clicking the next button of the pagination.
The code was incomplete. I think I was able to fix this bug and eliminate the risk of SQL injection according to Qiang's suggestion. You can see the diff on Google Code, but I can show the central code for your reference.