diff options
author | rvelices <rv-github@modusoptimus.com> | 2008-09-12 02:17:35 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2008-09-12 02:17:35 +0000 |
commit | 4d86bb2234af3939f1e8add3633deaa425fe526e (patch) | |
tree | bfc5274c3fa9e427dc7407288173355e585a9080 /include/functions_search.inc.php | |
parent | 272113c4175992de5dee7fed77fa2ab9fdef2850 (diff) |
- images.file categories.permalink old_permalinks.permalink - become binary
- session security improvement: now the sessions are valid only for originating ip addr (with mask 255.255.0.0 to allow users behind load balancing proxies) -> stealing the session cookie is almost a non issue (with the exception of the 65536 machines in range)
- metadata sync from the sync button does not overwrite valid data with empty metadata
- other small fixes/enhancements:
- added event get_category_image_orders
- fix display issue with redirect.tpl (h1/h2 within h1)
- fix known_script smarty function registration
- query search form not submitted if q is empty
- better admin css rules
- some other minor changes (ws_core, rest_handler, functions_search...)
git-svn-id: http://piwigo.org/svn/trunk@2521 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include/functions_search.inc.php')
-rw-r--r-- | include/functions_search.inc.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/include/functions_search.inc.php b/include/functions_search.inc.php index a043f041c..2ec709936 100644 --- a/include/functions_search.inc.php +++ b/include/functions_search.inc.php @@ -352,6 +352,10 @@ function get_qsearch_like_clause($q, $field) } else { + if ( strcspn($ch, '%_')==0) + {// escape LIKE specials %_ + $ch = '\\'.$ch; + } $crt_token .= $ch; } break; @@ -366,6 +370,10 @@ function get_qsearch_like_clause($q, $field) $state=0; break; default: + if ( strcspn($ch, '%_')==0) + {// escape LIKE specials %_ + $ch = '\\'.$ch; + } $crt_token .= $ch; } break; |