Search Form problem with special character like ‘
Hi,
There is an issue with the search form ($_REQUEST) value. This value isn’t verified and stripped in BP code.
I think we must add some filters to avoid injection by this parameter, or to correctly display the value back in the form. For example:
* Try to search here for this value: hello’s -> the form will display hello’s, or try: “lol”

Maybe in the next release, add a filter before using $_REQUEST?
ML
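
The echo-back problem described in the post above, as an added example that is not part of the original post and is not BuddyPress code. The function names and the `search_terms` parameter name are hypothetical, and the `stripslashes()` step assumes the request data had slashes added upstream before the template reads it.

```php
<?php
// Added illustration; not BuddyPress code. All names here are hypothetical.

// Unsafe: the raw request value is placed directly in the value attribute.
// A double quote in the value ends the attribute early, and an added
// backslash (hello\'s) is shown to the user as typed garbage.
function render_search_field_unsafe(array $request): string {
    $term = $request['search_terms'] ?? '';
    return '<input type="text" name="search_terms" value="' . $term . '">';
}

// Safer: validate the type, undo added slashes, then escape for the
// HTML attribute context at the point of output.
function render_search_field_safe(array $request): string {
    $term = $request['search_terms'] ?? '';
    if (!is_string($term)) {
        // search_terms[]=x arrives as an array; treat it as empty.
        $term = '';
    }
    // Assumption: slashes were added to request data before this point.
    $term = trim(stripslashes($term));
    // ENT_QUOTES escapes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8.
    $safe = htmlspecialchars($term, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<input type="text" name="search_terms" value="' . $safe . '">';
}

// Constructed sample inputs: the two values from the post, the first one
// with the backslash that slash-adding request handling would insert.
$samples = ["hello\\'s", '"lol"'];

foreach ($samples as $value) {
    $request = ['search_terms' => $value];
    echo "unsafe: ", render_search_field_unsafe($request), "\n";
    echo "safe:   ", render_search_field_safe($request), "\n\n";
}
```

Escaping is applied when the value is written into the attribute, not when it is read from the request, so the search query itself still receives the user's original text.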
Viewing 1 replies (of 1 total)
- The topic ‘Search Form problem with special character like ‘’ is closed to new replies.