diff options
author | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-11-09 21:08:45 +0000 |
---|---|---|
committer | brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-11-09 21:08:45 +0000 |
commit | ce397b5423636181de8ca1c8997eb021e8d6e6b4 (patch) | |
tree | a612c6c16c9ff7c5cdfe3b53bad2c61a1eb2781a /mod/search | |
parent | 3e795f3f87a602b8ea77759f89fe0cb791b616ae (diff) | |
download | elgg-ce397b5423636181de8ca1c8997eb021e8d6e6b4.tar.gz elgg-ce397b5423636181de8ca1c8997eb021e8d6e6b4.tar.bz2 |
Sanitising string on tag search.
git-svn-id: http://code.elgg.org/elgg/trunk@3647 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/search')
-rw-r--r-- | mod/search/search_hooks.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/mod/search/search_hooks.php b/mod/search/search_hooks.php index 95ef3fc85..60cb1e8c4 100644 --- a/mod/search/search_hooks.php +++ b/mod/search/search_hooks.php @@ -164,7 +164,8 @@ function search_users_hook($hook, $type, $value, $params) { function search_tags_hook($hook, $type, $value, $params) { global $CONFIG; - $query = $params['query']; + // @todo will need to split this up to support searching multiple tags at once. + $query = santitise_string($params['query']); $params['metadata_name_value_pair'] = array ('name' => 'tags', 'value' => $query, 'case_sensitive' => FALSE); $entities = elgg_get_entities_from_metadata($params); |