Skip to content
Snippets Groups Projects
Commit 198b73dd authored by Michael Gapczynski's avatar Michael Gapczynski
Browse files

Sanitize search queries, thanks to Lukas Reschke

parent 3ce6eca4
Branches
No related tags found
No related merge requests found
...@@ -30,7 +30,7 @@ ...@@ -30,7 +30,7 @@
<header><div id="header"> <header><div id="header">
<a href="<?php echo link_to('', 'index.php'); ?>" title="" id="owncloud"><img class="svg" src="<?php echo image_path('', 'logo-wide.svg'); ?>" alt="ownCloud" /></a> <a href="<?php echo link_to('', 'index.php'); ?>" title="" id="owncloud"><img class="svg" src="<?php echo image_path('', 'logo-wide.svg'); ?>" alt="ownCloud" /></a>
<form class="searchbox" action="#" method="post"> <form class="searchbox" action="#" method="post">
<input id="searchbox" class="svg" type="search" name="query" value="<?php if(isset($_POST['query'])){echo $_POST['query'];};?>" autocomplete="off" /> <input id="searchbox" class="svg" type="search" name="query" value="<?php if(isset($_POST['query'])){echo htmlentities($_POST['query']);};?>" autocomplete="off" />
</form> </form>
<a id="logout" href="<?php echo link_to('', 'index.php'); ?>?logout=true"><img class="svg" alt="<?php echo $l->t('Log out');?>" title="<?php echo $l->t('Log out');?>" src="<?php echo image_path('', 'actions/logout.svg'); ?>" /></a> <a id="logout" href="<?php echo link_to('', 'index.php'); ?>?logout=true"><img class="svg" alt="<?php echo $l->t('Log out');?>" title="<?php echo $l->t('Log out');?>" src="<?php echo image_path('', 'actions/logout.svg'); ?>" /></a>
</div></header> </div></header>
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment