summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
authordsa <dsa>2007-01-19 02:33:09 +0100
committerdsa <dsa>2007-01-19 02:33:09 +0100
commit0397ae8ff947b51cbef901fa28b77dfa59a9dc14 (patch)
treeaab7b2b1c83e664ceae35c1a96a3c20dfe75f0f6 /web/lib
parent06e4af2dbc2d69d90be7a60c0b6944629740aaad (diff)
downloadaur-0397ae8ff947b51cbef901fa28b77dfa59a9dc14.tar.gz
aur-0397ae8ff947b51cbef901fa28b77dfa59a9dc14.tar.xz
Solved #6191
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/pkgfuncs.inc6
1 files changed, 4 insertions, 2 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc
index d7d13727..8ce26e3c 100644
--- a/web/lib/pkgfuncs.inc
+++ b/web/lib/pkgfuncs.inc
@@ -714,8 +714,10 @@ function pkg_search_page($SID="") {
print " <span class='f5'><span class='blue'>".__("Keywords");
print "</span></span><br />\n";
print " <input type='text' name='K' size='20'";
- $K = str_replace("\"", "", $_REQUEST["K"]); # TODO better testing for
- # SQL trickery...
+
+ # Added to trim() to avoid the problem described in #6191
+ $K = trim(str_replace("\"", "", $_REQUEST["K"])); # TODO better testing for SQL trickery...
+
print " value=\"".stripslashes($K)."\" maxlength='35'>\n";
print "</td>\n";