function search_groups_hook($hook, $type, $value, $params) {
global $CONFIG;
- $query = $params['query'];
+ $query = sanitise_string($params['query']);
$join = "JOIN {$CONFIG->dbprefix}groups_entity ge ON e.guid = ge.guid";
$params['joins'] = array($join);
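Review bot: The added line escapes only the local `$query`, while `$params['query']` keeps the raw input, so anything later that reads `$params['query']` directly still depends on its consumer doing the escaping. Conversely, any non-SQL use of `$query` (display, highlighting) would now receive the backslash-escaped form. The rest of the hook lies outside the hunk, so which of these applies cannot be confirmed from here. Escaping into a separately named variable, e.g. `$escaped_query = sanitise_string($params['query']);`, and using it only inside SQL strings would keep the two forms from being mixed up. The same point applies to the identical change in search_users_hook and search_comments_hook.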
function search_users_hook($hook, $type, $value, $params) {
global $CONFIG;
- $query = $params['query'];
+ $query = sanitise_string($params['query']);
$join = "JOIN {$CONFIG->dbprefix}users_entity ue ON e.guid = ue.guid";
$params['joins'] = array($join);
function search_comments_hook($hook, $type, $value, $params) {
global $CONFIG;
- $query = $params['query'];
+ $query = sanitise_string($params['query']);
$params['annotation_names'] = array('generic_comment', 'group_topic_post');
$params['joins'] = array(
// switch to literal mode
if (strlen($query) < $CONFIG->search_info['min_chars']) {
$likes = array();
+ $query = sanitise_string($query);
foreach ($fields as $field) {
$likes[] = "$field LIKE '%$query%'";
}
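Review bot: In the literal-mode branch the escaped `$query` goes into `LIKE '%$query%'`, but string-literal escaping normally leaves the LIKE wildcards `%` and `_` untouched, so user-supplied wildcards would still match as patterns. This assumes sanitise_string is a plain string escaper, which is not visible here. If literal matching is intended, escape those as well, e.g. `$query = addcslashes(sanitise_string($query), '%_');`. Placing the call after the `strlen()` check is correct, since the length is then measured on the raw input; a short comment such as `// escape after the length check so min_chars applies to the raw query` would record that. The enclosing function starts and ends outside the hunk.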
if (strlen($query) < 6) {
//$options .= ' WITH QUERY EXPANSION';
}
+ $query = sanitise_string($query);
+
// if query is shorter than the ft_min_word_len switch to literal mode.
$fields_str = implode(',', $fields);
//$where = "($table.guid = e.guid AND (MATCH ($fields_str) AGAINST ('$query' $options)))";
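Review bot: The escape added after the `strlen($query) < 6` check is order-sensitive but carries no comment, so a later refactor could move it above the length checks and change which mode is selected. A line such as `// escape last: the length and mode checks above must see the raw query` would record the intent. If `$query` can reach this function already escaped by a caller (its origin is outside the hunk), this call would double the backslashes, so it is worth confirming that escaping happens in exactly one place. The live `$where` assignment and how `$options` is built are also outside the hunk and should be checked for the same quoting.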