From d02497d90585a849f8ea932024ffc53758d3462e Mon Sep 17 00:00:00 2001
From: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Tue, 10 Nov 2009 04:04:21 +0000
Subject: Missed an htmlspecialchars().

git-svn-id: http://code.elgg.org/elgg/trunk@3656 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 mod/search/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'mod')

diff --git a/mod/search/index.php b/mod/search/index.php
index d62e3be72..806c2a0d9 100644
--- a/mod/search/index.php
+++ b/mod/search/index.php
@@ -88,14 +88,14 @@ foreach ($types as $type => $subtypes) {
 foreach ($custom_types as $type) {
 	$label = "search_types:$type";
 
-	$data = http_build_query(array(
+	$data = htmlspecialchars(http_build_query(array(
 		'q' => urlencode($query),
 		'entity_subtype' => $entity_subtype,
 		'entity_type' => urlencode($entity_type),
 		'owner_guid' => urlencode($owner_guid),
 		'search_type' => $type,
 		'friends' => $friends
-	));
+	)));
 
 	$url = "{$CONFIG->wwwroot}pg/search/?$data";
 
-- 
cgit v1.2.3