AC-4804: Security fixes for XSS, possible sql injection on multiple scripts within...
[acontent.git] / docs / documentation / search.php
index 5d58a32..8611a31 100644 (file)
@@ -55,7 +55,7 @@ if ($_GET['query']) {
                $final_match_rows = array();\r
                foreach ($search_terms as $term)\r
                {\r
-                       $match_rows = $languageTextDAO->getHelpByMatchingText($term, $_SESSION['lang']);\r
+                       $match_rows = $languageTextDAO->getHelpByMatchingText($addslashes($term), $_SESSION['lang']);\r
 \r
                        if (is_array($match_rows)) $final_match_rows = array_merge($final_match_rows, $match_rows);\r
                }\r
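Review bot: Escaping `$term` at the call site with `$addslashes($term)` makes the SQL-injection defence depend on every caller of `getHelpByMatchingText` remembering to do the same; the sturdier fix is inside the DAO, binding the term as a query parameter or escaping it immediately before the SQL string is built. `$addslashes` is a variable function whose assignment is not visible in this hunk, so it has to be defined in this script's scope, and if it resolves to plain `addslashes()` the escaping is not connection-charset aware. `$_SESSION['lang']` is still passed unescaped on the same line, so it is worth confirming that it is validated against the known language codes where it is set. If the DAO matches with `LIKE` (not shown here), `%` and `_` in the term also remain active wildcards after this change. The enclosing `if ($_GET['query'])` block starts and ends outside the hunk.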
@@ -120,4 +120,4 @@ if ($_GET['query']) {
 }\r
 ?>\r
 </body>\r
-</html>
\ No newline at end of file
+</html>\r