user support development started
[living-lab-site.git] / application / controllers / catalog.php
index 95a6908..7d86d36 100644 (file)
@@ -148,11 +148,12 @@ class Catalog extends CI_Controller {
        {
                // Redirect to an URL which contains search string if data was passed
                // via POST method and not via URL segments.
-               $str_post_search = $this->input->post('search', TRUE);
+               $str_post_search = $this->input->post('search');
                if ($search_query === "" && $str_post_search !== FALSE) 
-                       redirect('catalog/search/'. $this->input->post('search', TRUE));
+                       redirect('catalog/search/'. $str_post_search);
 
                $this->load->model('videos_model');
+               $this->load->library('security');
                
                // **
                // ** LOADING MODEL
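Review bot: The redirect on the second `+` line now concatenates the raw POST value into the `catalog/search/` URI segment with no encoding, while the comment in the next hunk says that segment is later run through `decode_search_query`; a term containing `/`, `?`, `#` or characters the URI layer may reject will therefore change routing instead of reaching the decoder. Apply the encoding the model expects before concatenating — presumably an encode counterpart to `decode_search_query` if one exists, otherwise `redirect('catalog/search/'. rawurlencode($str_post_search));`. Dropping the XSS flag here is consistent with filtering the decoded value later, but note the unfiltered value is emitted in the Location header before any filtering runs, which encoding also addresses. The `if` on the unchanged line guards the new redirect without braces; adding them would make the scope explicit. The enclosing method starts before this hunk.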
@@ -160,6 +161,9 @@ class Catalog extends CI_Controller {
                // Search query is encoded for URL and must be decoded.
                $enc_search_query = $search_query;
                $search_query = $this->videos_model->decode_search_query($search_query);
+               
+               // Security filtering
+               $search_query = $this->security->xss_clean($search_query);
                $results_data['search_query'] = $search_query;
 
                // Category
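Review bot: `xss_clean()` on the decoded term is a lossy input transform rather than an output escape: it rewrites substrings it considers suspicious, so the value stored in `$results_data['search_query']` — and presumably handed to the model's search — may no longer be what the user typed, silently changing results. The HTML context still needs `htmlspecialchars`/`html_escape` where the view prints the term, and the model query must be parameterized (neither is visible here); `xss_clean()` provides neither. If the filter is kept as defense in depth, say so next to it, e.g. `// xss_clean() may alter the term; views must still escape it on output`. `$this->load->library('security')` in the previous hunk may be redundant if the framework already provides `$this->security` as a core object — worth confirming against the CodeIgniter version in use.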
@@ -176,10 +180,10 @@ class Catalog extends CI_Controller {
                }
                
                // Check if search string is valid.
-               if (strlen($search_query) < 4)
+               if (strlen($search_query) === 0)
                {
                        //$results_data['videos'] = NULL;
-                       $this->error($this->lang->line('error_search_query_too_short'),
+                       $this->error($this->lang->line('error_search_query_empty'),
                                $header_data);
                        return;
                }
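Review bot: The new empty check on the `+` line lets a whitespace-only term through, since `strlen('   ')` is 3, and that term then reaches the search; `if (strlen(trim($search_query)) === 0)` closes the gap (or trim once where the term is decoded so the stored value matches). The new language key `error_search_query_empty` must exist in the language file — presumably added elsewhere in this commit, but not visible here. The commented-out `//$results_data['videos'] = NULL;` context line is dead code that could be dropped while this branch is being edited. The enclosing method continues past this hunk.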