aboutsummaryrefslogtreecommitdiff
path: root/mod/search
diff options
context:
space:
mode:
authorbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-11-10 04:04:21 +0000
committerbrettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-11-10 04:04:21 +0000
commitd02497d90585a849f8ea932024ffc53758d3462e (patch)
tree27ab92fea4d3ba8d4533ad6f81719023faefa7ef /mod/search
parent439e8e8bb87247781c741e08f9c6234a3260a6a3 (diff)
downloadelgg-d02497d90585a849f8ea932024ffc53758d3462e.tar.gz
elgg-d02497d90585a849f8ea932024ffc53758d3462e.tar.bz2
Missed an htmlspecialchars().
git-svn-id: http://code.elgg.org/elgg/trunk@3656 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/search')
-rw-r--r--mod/search/index.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/mod/search/index.php b/mod/search/index.php
index d62e3be72..806c2a0d9 100644
--- a/mod/search/index.php
+++ b/mod/search/index.php
@@ -88,14 +88,14 @@ foreach ($types as $type => $subtypes) {
foreach ($custom_types as $type) {
$label = "search_types:$type";
- $data = http_build_query(array(
+ $data = htmlspecialchars(http_build_query(array(
'q' => urlencode($query),
'entity_subtype' => $entity_subtype,
'entity_type' => urlencode($entity_type),
'owner_guid' => urlencode($owner_guid),
'search_type' => $type,
'friends' => $friends
- ));
+ )));
$url = "{$CONFIG->wwwroot}pg/search/?$data";