Search engine: url param October 23, 2016, 02:27:54 am File: C:\...\sources\admin\ManageSearch.controller.phpUrl: /index.php?action=admin;area=managesearch;sa=settingsCode: [Select]'url' => trim(Util::htmlspecialchars($_POST['engine_url'][$id], ENT_COMPAT))htmlspecialchars replaced & symbol in my url.Maybe better to check the url function filter_var('http://example.com', FILTER_VALIDATE_URL) ?~ See fix example ~, but it is not safe
Re: Search engine: url param Reply #2 – October 23, 2016, 10:52:52 am Or in alternative un_htmlspecialchars the url before using it?hmm... I don't remember posting the previous one... writing yes, but not posting... unless I was doing something else. meh.