From c1ea910e3b3b0bcc27a214383c9f6355a05dd495 Mon Sep 17 00:00:00 2001
From: Paweł Sroka <srokap@gmail.com>
Date: Thu, 12 Sep 2013 05:59:18 +0200
Subject: Added function for escaping query strings and fixed several XSRF
 vulnerabilities.

---
 mod/groups/lib/groups.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'mod/groups/lib/groups.php')

diff --git a/mod/groups/lib/groups.php b/mod/groups/lib/groups.php
index 77d7c09cc..aa8766e06 100644
--- a/mod/groups/lib/groups.php
+++ b/mod/groups/lib/groups.php
@@ -73,7 +73,8 @@ function groups_search_page() {
 	elgg_push_breadcrumb(elgg_echo('search'));
 
 	$tag = get_input("tag");
-	$title = elgg_echo('groups:search:title', array($tag));
+	$display_query = _elgg_get_display_query($tag);
+	$title = elgg_echo('groups:search:title', array($display_query));
 
 	// groups plugin saves tags as "interests" - see groups_fields_setup() in start.php
 	$params = array(
-- 
cgit v1.2.3