ah, the self:: part might explain it - I might have used php5 specific functions. What if you put one letter in the search field, or maybe even a space - so, it will override the default?
The english locale file had old random ("forex"?) strings in it.
plugins should use keys in the locale file that won't conflict with other plugins - otherwise, you'll find that if such-and-such a plugin is installed weird strings show up, etc. I try to prefix the keys with clean_ or something that will make the string more unique - unless it really is a string that everyone will use exactly the same.
blogs.class inheritance, I think if you see how I did it, you'll see that it is easier, and clearer what is going on.
there was a leftover action in the view directory that wasn't used at all.
I put the defaults in constants at the top, but maybe that is php5 specific, and so they should be changed to defines instead. But, easier to have the constants in one place in case someone wants to modify them.
You shouldn't hardly ever use stuff from the HttpVars class, as validation is harder to control that way, and using the registerFieldValidator() stuff is easier and safer. You didn't validate the search terms at all, so SQL could be put in there.
It is also easiest with the validators to see if you are validating the data in the constructor of the action, rather than having to check if you remembered in the view, or wherever the variable is accessed. (this is the bulk of the changes in 1.2.9 - we were quite sloppy with that previously).
I removed the deleteBlog(s) traps, but maybe that wasn't the best - it simplifies the code, and checks, etc. since you had to copy all of that code just to replace the view - that does happen in different plugins some what often - it'd be nice if there were a way to inherit the class or something to avoid all the code duplication for just a template change.
Please remember to use version numbers (the date) for plugins - this allows the plugin to notify the admin when there are updates, as well as keep bug reports sane, since people will know what version of the plugin they have.
You used 1.1 style permissions, rather than the newer, more specific permission structure - probably the "site_admin" bit could be removed, and anyone with update_site_blogs permission could run your plugin, but I wasn't sure, so I left it as site_admin for now.
You had used "clean" as the op and strings in various places, and I thought "clean unused blogs" was more exact.