Commit e84609a24b5cc29460185cd17feb4e4670ade174
1 parent
059b3d03
Added mysql escaping to search string
git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@1737 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
2 additions
and
0 deletions
presentation/lookAndFeel/knowledgeTree/search/standardSearchBL.php
| ... | ... | @@ -24,6 +24,8 @@ if (checkSession()) { |
| 24 | 24 | if (!isset($fStartIndex)) { |
| 25 | 25 | $fStartIndex = 0; |
| 26 | 26 | } |
| 27 | + //escape the search string | |
| 28 | + $fStandardSearchString = addslashes($fStandardSearchString); | |
| 27 | 29 | |
| 28 | 30 | if (strlen($fBrowseType) > 0) { |
| 29 | 31 | //the user was browsing by a specific type | ... | ... |