aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorfriendica <info@friendica.com>2012-03-31 14:48:35 -0700
committerfriendica <info@friendica.com>2012-03-31 14:48:35 -0700
commit0cf2e051bbe98166e99025bc1f32a6e8e08a26f2 (patch)
tree7176ea3d692e21c58d0ab2730a3a98858e6e85f5 /include
parentadebc2793e84344fca1700eb6af583a9a0abcb1a (diff)
downloadvolse-hubzilla-0cf2e051bbe98166e99025bc1f32a6e8e08a26f2.tar.gz
volse-hubzilla-0cf2e051bbe98166e99025bc1f32a6e8e08a26f2.tar.bz2
volse-hubzilla-0cf2e051bbe98166e99025bc1f32a6e8e08a26f2.zip
escape % in file_tag_query as it is ultimately embedded in a sprintf
Diffstat (limited to 'include')
-rw-r--r--include/text.php4
1 files changed, 4 insertions, 0 deletions
diff --git a/include/text.php b/include/text.php
index f758c37ee..64f6f72a8 100644
--- a/include/text.php
+++ b/include/text.php
@@ -1306,6 +1306,10 @@ function file_tag_decode($s) {
}
function file_tag_file_query($table,$s,$type = 'file') {
+
+ // this is ultimately going into a vsprintf
+ $s = str_replace('%','%%',$s);
+
if($type == 'file')
$str = preg_quote( '[' . file_tag_encode($s) . ']' );
else