Commit b7a8b2f3c41335fa15c65e6d830927ad4178e85b
1 parent
ef7a2afb
Added mysql escaping to search string
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1737 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
2 additions
and
0 deletions
presentation/lookAndFeel/knowledgeTree/search/standardSearchBL.php
| @@ -24,6 +24,8 @@ if (checkSession()) { | @@ -24,6 +24,8 @@ if (checkSession()) { | ||
| 24 | if (!isset($fStartIndex)) { | 24 | if (!isset($fStartIndex)) { |
| 25 | $fStartIndex = 0; | 25 | $fStartIndex = 0; |
| 26 | } | 26 | } |
| 27 | + //escape the search string | ||
| 28 | + $fStandardSearchString = addslashes($fStandardSearchString); | ||
| 27 | 29 | ||
| 28 | if (strlen($fBrowseType) > 0) { | 30 | if (strlen($fBrowseType) > 0) { |
| 29 | //the user was browsing by a specific type | 31 | //the user was browsing by a specific type |