FIxed vulnerability in forum search

Parziphal 2016-02-13 20:15:21 -05:00
parent 3649bc135a
commit 565fcf08a3


@ -1,7 +1,7 @@
<div id="forum">
<div style="margin-bottom: 1em;">
<?= $this->formTag(['action' => "search"], ['method' => 'get'], function(){ ?>
<?= $this->textFieldTag("query", $this->params()->query, ['size' => 40]) ?>
<?= $this->textFieldTag("query", $this->h($this->params()->query), ['size' => 40]) ?>
<?= $this->submitTag($this->t('.search'))?>
<?php }) ?>
</div>
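Review bot: The escaping on the `textFieldTag("query", ...)` line that wraps the parameter in `$this->h()` is applied at this one call site, so it protects only this view. If `textFieldTag` emits its value argument unescaped (which the need for this fix suggests, though the helper is not visible here), other templates that pass request parameters to it remain exposed to reflected XSS. Consider encoding the value inside the tag helper and then dropping `h()` here so the query is not double-encoded. Because the value lands in an HTML attribute, it is also worth confirming that `h()` encodes quote characters and not only angle brackets. If the call-site fix stays, a short comment such as `<?php // query is user-controlled: escape before it reaches the value attribute ?>` would keep the `h()` from being removed later as redundant.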