Commit 18e840ac authored by Dries's avatar Dries

- Bugfix: fixed string being check_query()-ed twice. Bug #2425.  Patch by
  Matt.
parent 9801a196
......@@ -391,7 +391,7 @@ function search_data($keys = NULL) {
if (isset($keys)) {
foreach (module_list() as $name) {
if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", check_query($keys)))) {
if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", $keys))) {
if ($name == "node" || $name == "comment") {
$output .= "<p><b>". t("Matching ". $name ."s ranked in order of relevance") .":</b></p>";
}
......
......@@ -351,7 +351,7 @@ function user_perm() {
function user_search($keys) {
$result = db_query_range("SELECT * FROM {users} WHERE name LIKE '%$keys%'", 0, 20);
$result = db_query_range("SELECT * FROM {users} WHERE name LIKE '%". check_query($keys) ."%'", 0, 20);
while ($account = db_fetch_object($result)) {
$find[$i++] = array("title" => $account->name, "link" => (strstr(request_uri(), "admin") ? url("admin/user/edit/$account->uid") : url("user/view/$account->uid")), "user" => $account->name);
}
......
......@@ -351,7 +351,7 @@ function user_perm() {
function user_search($keys) {
$result = db_query_range("SELECT * FROM {users} WHERE name LIKE '%$keys%'", 0, 20);
$result = db_query_range("SELECT * FROM {users} WHERE name LIKE '%". check_query($keys) ."%'", 0, 20);
while ($account = db_fetch_object($result)) {
$find[$i++] = array("title" => $account->name, "link" => (strstr(request_uri(), "admin") ? url("admin/user/edit/$account->uid") : url("user/view/$account->uid")), "user" => $account->name);
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment