Merge pull request #446 from gnuheidix/search_term

makes sure that only strings are being processed in searchTerm
2017-02-07 21:15:11 +01:00 · 2017-02-07 21:15:11 +01:00 · 9511b9dde5
commit 9511b9dde5
parent 55ec5e4ab4 dd06eeea99
1 changed files with 1 additions and 1 deletions
--- a/serendipity_config.inc.php
+++ b/serendipity_config.inc.php
@ -427,7 +427,7 @@ if (!isset($serendipity['GET']['adminAction'])) {
 // Make sure this variable is always properly sanitized. Previously in compat.inc.php, but there LANG_CHARSET was not defined.
 if (isset($serendipity['GET']['searchTerm'])) {
-    $serendipity['GET']['searchTerm'] = serendipity_specialchars(strip_tags($serendipity['GET']['searchTerm']));
+    $serendipity['GET']['searchTerm'] = (is_string($serendipity['GET']['searchTerm']) ? serendipity_specialchars(strip_tags($serendipity['GET']['searchTerm'])) : '');
 }
 // Some stuff...