mirror of
https://github.com/itflow-org/itflow
synced 2026-02-28 10:54:52 +00:00
Remove some tags there and here some more output formatting all thanks to the great security researcher @indevi0us for pointing these out to us.
This commit is contained in:
@@ -34,7 +34,7 @@ if(isset($_GET['o'])){
|
||||
|
||||
// Search
|
||||
if(isset($_GET['q'])){
|
||||
$q = mysqli_real_escape_string($mysqli,trim($_GET['q']));
|
||||
$q = strip_tags(mysqli_real_escape_string($mysqli,trim($_GET['q'])));
|
||||
}else{
|
||||
$q = "";
|
||||
}
|
||||
Reference in New Issue
Block a user