Escape % from header searches

Retro_Guy 2021-05-26 01:37:37 +00:00
parent 93d890cf59
commit cd883734fa
1 changed files with 2 additions and 1 deletions


@ -299,6 +299,7 @@ function get_body_search($group, $terms) {
function get_header_search($group, $terms) {
GLOBAL $CONFIG, $config_name, $spooldir, $snippet_size;
$terms = preg_replace('/\%/', '\%', $terms);
$searchterms = "%".$terms."%";
if(isset($_POST['group']) && $_POST['searchpoint'] != 'Message-ID') {
$grouplist[0] = $_POST['group'];
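Review bot: The added `preg_replace` line in get_header_search escapes only `%`, but `_` is also a LIKE wildcard, and the backslash that the second hunk declares as the ESCAPE character is not escaped itself. A search term containing `_` or `\` is therefore still read as pattern syntax rather than literal text. Escape the backslash together with both wildcards in one pass, e.g. `$terms = addcslashes($terms, '\\%_');`, which also drops the regex for what is a literal replacement. The function body continues outside this hunk.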
@ -333,7 +334,7 @@ function get_header_search($group, $terms) {
}
}
} else {
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group AND ".$_POST['searchpoint']." like :terms ORDER BY date DESC");
$stmt = $dbh->prepare("SELECT * FROM $table WHERE newsgroup=:group AND ".$_POST['searchpoint']." like :terms ESCAPE '\' ORDER BY date DESC");
$stmt->bindParam(':group', $group);
$stmt->bindParam(':terms', $searchterms);
$stmt->execute();
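Review bot: The rewritten `prepare()` call still concatenates `$_POST['searchpoint']` into the SQL text as a column name, so the request controls a part of the statement that the bound `:group` and `:terms` parameters do not protect. Identifiers cannot be bound, so the value should be checked against a fixed list of searchable header columns before the query is built, e.g. `if (!in_array($_POST['searchpoint'], $searchable_headers, true)) { return; }`, where `$searchable_headers` is a placeholder for the column names of `$table` and the exact rejection path depends on what the function returns. Separately, `ESCAPE '\'` relies on the database treating a backslash as an ordinary character inside a string literal; the backend is not visible here, so that should be confirmed for the driver in use. The enclosing function starts and ends outside this hunk.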