From 35e66770be6ca93c9090cdab221e6c33a410a569 Mon Sep 17 00:00:00 2001 From: "DM42.Net (Matt Dent)" Date: Tue, 13 Nov 2018 17:20:21 -0500 Subject: Filter search box before display --- include/text.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/text.php b/include/text.php index 076c98407..da18080dd 100644 --- a/include/text.php +++ b/include/text.php @@ -1075,7 +1075,7 @@ function micropro($contact, $redirect = false, $class = '', $mode = false) { function search($s,$id='search-box',$url='/search',$save = false) { return replace_macros(get_markup_template('searchbox.tpl'),array( - '$s' => $s, + '$s' => htmlspecialchars($s), '$id' => $id, '$action_url' => z_root() . $url, '$search_label' => t('Search'), -- cgit v1.2.3