From 31f9baa742d5e52de18e8f074d44d5a89769599c Mon Sep 17 00:00:00 2001
From: Antoine Musso
Date: Thu, 25 Aug 2005 03:42:18 +0000
Subject: [PATCH] XSS issue : now sanitize search query input

---
 includes/SpecialSearch.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/SpecialSearch.php b/includes/SpecialSearch.php
index 265ded6dba..62b207fb40 100644
--- a/includes/SpecialSearch.php
+++ b/includes/SpecialSearch.php
@@ -35,7 +35,7 @@ require_once( 'Revision.php' );
 function wfSpecialSearch( $par = '' ) {
 global $wgRequest, $wgUser;
- $search = $wgRequest->getText( 'search', $par );
+ $search = Sanitizer::removeHTMLtags($wgRequest->getText( 'search', $par ));
 $searchPage = new SpecialSearch( $wgRequest, $wgUser );
 if( $wgRequest->getVal( 'fulltext' ) ||
 !is_null( $wgRequest->getVal( 'offset' ) ) ||
-- 
2.20.1
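Review bot: The new `Sanitizer::removeHTMLtags(...)` wrapper on the `$search` assignment filters the query at input instead of encoding it where it is written into the page, so the XSS fix only holds if every later output context is safe for whatever the sanitizer lets through. A tag-stripping sanitizer is meant for HTML fragments and is not an encoder for attribute values or other contexts; as far as I can tell it may also leave whitelisted markup in place, and it alters legitimate queries that contain `<` or `>`. I would keep `$search = $wgRequest->getText( 'search', $par );` and apply `htmlspecialchars( $search )` at each place the term is emitted as HTML; those output sites are in the SpecialSearch code outside this hunk, so they need to be checked separately. If the input filter stays as defence in depth, add a comment such as `// Defence in depth only: $search must still be escaped on output` above the assignment. The body of wfSpecialSearch continues past the end of the hunk.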