summaryrefslogtreecommitdiffstats
path: root/web/lib
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib')
-rw-r--r--web/lib/pkgfuncs.inc6
1 files changed, 4 insertions, 2 deletions
diff --git a/web/lib/pkgfuncs.inc b/web/lib/pkgfuncs.inc
index d7d1372..8ce26e3 100644
--- a/web/lib/pkgfuncs.inc
+++ b/web/lib/pkgfuncs.inc
@@ -714,8 +714,10 @@ function pkg_search_page($SID="") {
print " <span class='f5'><span class='blue'>".__("Keywords");
print "</span></span><br />\n";
print " <input type='text' name='K' size='20'";
- $K = str_replace("\"", "", $_REQUEST["K"]); # TODO better testing for
- # SQL trickery...
+
+ # Added to trim() to avoid the problem described in #6191
+ $K = trim(str_replace("\"", "", $_REQUEST["K"])); # TODO better testing for SQL trickery...
+
print " value=\"".stripslashes($K)."\" maxlength='35'>\n";
print "</td>\n";