mbirth/LuckyCoinkydink
1
0
Fork 0
Code Issues Pull Requests Activity

makes sure that only strings are being processed in searchTerm; strip_tags crashes in case it's getting an array

Browse Source
This commit is contained in:
Thomas Heidrich 2017-02-07 20:24:33 +01:00
parent 55ec5e4ab4
commit dd06eeea99
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
serendipity_config.inc.php
View File

@ -427,7 +427,7 @@ if (!isset($serendipity['GET']['adminAction'])) {
// Make sure this variable is always properly sanitized. Previously in compat.inc.php, but there LANG_CHARSET was not defined. // Make sure this variable is always properly sanitized. Previously in compat.inc.php, but there LANG_CHARSET was not defined.
if (isset($serendipity['GET']['searchTerm'])) { if (isset($serendipity['GET']['searchTerm'])) {
$serendipity['GET']['searchTerm'] = serendipity_specialchars(strip_tags($serendipity['GET']['searchTerm'])); $serendipity['GET']['searchTerm'] = (is_string($serendipity['GET']['searchTerm']) ? serendipity_specialchars(strip_tags($serendipity['GET']['searchTerm'])) : '');
} }
// Some stuff... // Some stuff...