diff options
| author | M. Dent <dentm42@gmail.com> | 2018-11-14 03:21:32 +0100 |
|---|---|---|
| committer | M. Dent <dentm42@gmail.com> | 2018-11-14 03:21:32 +0100 |
| commit | 1260887fa743a4e5522dea366f0a584430b0a9a0 (patch) | |
| tree | b83ae37bce8e92bb2b47b9a30b6ddcaf764d0537 /Zotlabs/Module | |
| parent | adf4782076121ee38e1f2f2cc9a7b90c1d8db024 (diff) | |
| parent | ce8073d25eeddd212276656cc2d5c1df9474223e (diff) | |
| download | volse-hubzilla-1260887fa743a4e5522dea366f0a584430b0a9a0.tar.gz volse-hubzilla-1260887fa743a4e5522dea366f0a584430b0a9a0.tar.bz2 volse-hubzilla-1260887fa743a4e5522dea366f0a584430b0a9a0.zip | |
Merge branch 'patch-20181113a' into 'dev'
Patch 20181113a
See merge request hubzilla/core!1394
Diffstat (limited to 'Zotlabs/Module')
| -rw-r--r-- | Zotlabs/Module/Search.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index e520c671d..272bbdac1 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -6,7 +6,7 @@ class Search extends \Zotlabs\Web\Controller { function init() { if(x($_REQUEST,'search')) - \App::$data['search'] = $_REQUEST['search']; + \App::$data['search'] = escape_tags($_REQUEST['search']); } @@ -46,12 +46,12 @@ class Search extends \Zotlabs\Web\Controller { if(x(\App::$data,'search')) $search = trim(\App::$data['search']); else - $search = ((x($_GET,'search')) ? trim(rawurldecode($_GET['search'])) : ''); + $search = ((x($_GET,'search')) ? trim(escape_tags(rawurldecode($_GET['search']))) : ''); $tag = false; if(x($_GET,'tag')) { $tag = true; - $search = ((x($_GET,'tag')) ? trim(rawurldecode($_GET['tag'])) : ''); + $search = ((x($_GET,'tag')) ? trim(escape_tags(rawurldecode($_GET['tag']))) : ''); } $static = ((array_key_exists('static',$_REQUEST)) ? intval($_REQUEST['static']) : 0); |