Module: appdb Branch: master Commit: e646626c4a6e6cceb445fa06379708565a0d8f7f URL: http://source.winehq.org/git/appdb.git/?a=commit;h=e646626c4a6e6cceb445fa063...
Author: Alexander Nicolaysen Sørnes alex@thehandofagony.com Date: Wed Jun 18 00:19:28 2008 +0200
Escape input in searchForApplication()
---
include/util.php | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/include/util.php b/include/util.php index 4009d1c..55af094 100644 --- a/include/util.php +++ b/include/util.php @@ -462,12 +462,12 @@ function searchForApplication($search_words) FROM appFamily WHERE appName != 'NONAME' AND appFamily.state = 'accepted' - AND (appName LIKE '%" . $search_words . "%' - OR keywords LIKE '%" . $search_words . "%'"; + AND (appName LIKE '%?%' + OR keywords LIKE '%?%'";
$sQuery.=" ) ORDER BY appName";
- $hResult = query_appdb($sQuery); + $hResult = query_parameters($sQuery, $search_words, $search_words); return $hResult; }
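Review bot: The new `'%?%'` placeholders in the two LIKE clauses depend on query_parameters() substituting `?` textually inside a quoted literal, and they leave the LIKE metacharacters `%` and `_` in $search_words untouched. query_parameters() is not visible in this hunk; if it applies ordinary SQL string escaping, quote-breaking is closed, but a search term can still widen the match or force broad scans, because string escaping does not cover LIKE wildcards. Consider escaping them before the call, e.g. `$sLike = addcslashes($search_words, '%_\\');`, and passing `$sLike` for both parameters. If the helper ever moves to real bound parameters, the pattern would have to become `LIKE ?` with the `%` added to the bound value, since a `?` inside quotes is then a literal. searchForApplication() begins above the hunk, so the start of the query string is not visible here.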