ulysia/szurubooru
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed HTML injection

Browse source
This commit is contained in:
Marcin Kurczewski 2013-10-13 21:05:20 +02:00
parent 5f3a913629
commit e125ecc1c7
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/Views/layout-normal.phtml
View file

@ -64,7 +64,7 @@
?> ?>
<li> <li>
<form name="search" action="<?php echo \Chibi\UrlHelper::route('post', 'list') ?>" method="get"> <form name="search" action="<?php echo \Chibi\UrlHelper::route('post', 'list') ?>" method="get">
<input type="search" name="query" placeholder="Search&hellip;" value="<?php echo isset($this->context->transport->searchQuery) ? $this->context->transport->searchQuery : '' ?>"> <input type="search" name="query" placeholder="Search&hellip;" value="<?php echo isset($this->context->transport->searchQuery) ? htmlspecialchars($this->context->transport->searchQuery) : '' ?>">
</form> </form>
</li> </li>
</ul> </ul>