Skip to content
Snippets Groups Projects
Commit bc228f15 authored by Andreas Gohr's avatar Andreas Gohr
Browse files

fix for XSS problem in searchbox 

darcs-hash:20051021112809-7ad00-f49197c217bed86e74e5f199b83861f55f77b78d.gz
parent 81124000
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
inc/template.php
+ 1
1
View file @ bc228f15
...@@ -542,7 +542,7 @@ function tpl_searchform(){ ...@@ -542,7 +542,7 @@ function tpl_searchform(){
print '<input type="text" '; print '<input type="text" ';
if ($ACT == 'search') if ($ACT == 'search')
print 'value="'.$_REQUEST['id'].'" '; /* keep search input as long as user stays on search page */ print 'value="'.htmlspecialchars($_REQUEST['id']).'" ';
print 'id="qsearch_in" accesskey="f" name="id" class="edit" onkeyup="ajax_qsearch.call(\'qsearch_in\',\'qsearch_out\')" />'; print 'id="qsearch_in" accesskey="f" name="id" class="edit" onkeyup="ajax_qsearch.call(\'qsearch_in\',\'qsearch_out\')" />';
print '<input type="submit" value="'.$lang['btn_search'].'" class="button" />'; print '<input type="submit" value="'.$lang['btn_search'].'" class="button" />';
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment