Fixed problem searching members with "'" in them.

author Chuck Scott <cscott@gaslightmedia.com>

Mon, 20 Jun 2016 16:33:57 +0000 (12:33 -0400)

committer Chuck Scott <cscott@gaslightmedia.com>

Mon, 20 Jun 2016 16:33:57 +0000 (12:33 -0400)
author Chuck Scott <cscott@gaslightmedia.com>
Mon, 20 Jun 2016 16:33:57 +0000 (12:33 -0400)
committer Chuck Scott <cscott@gaslightmedia.com>
Mon, 20 Jun 2016 16:33:57 +0000 (12:33 -0400)
diff --git a/models/front/members/list.php b/models/front/members/list.php

index b66a346..1fb156b 100644 (file)
--- a/models/front/members/list.php
+++ b/models/front/members/list.php
@@ -221,7 +221,7 @@ class GlmMembersFront_members_list extends GlmDataMemberInfo
  
          // Apply any provided text search to name, description, short description, and street address
          if (isset($_REQUEST['textSearch']) && $_REQUEST['textSearch'] != '') {
-            $textSearch = filter_input(INPUT_POST, 'textSearch', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);
+            $textSearch = addslashes(filter_input(INPUT_POST, 'textSearch', FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES));
              $where .= $whereSep." (
                  (
                      SELECT true
@@ -235,6 +235,7 @@ class GlmMembersFront_members_list extends GlmDataMemberInfo
                  T.addr2 LIKE '%$textSearch%'
              )";
              $whereSep = ' AND ';
+            $textSearch = stripslashes($textSearch);
          }
  
          // Get category data for search pick list and shortcode selection
author	Chuck Scott <cscott@gaslightmedia.com>
	Mon, 20 Jun 2016 16:33:57 +0000 (12:33 -0400)
committer	Chuck Scott <cscott@gaslightmedia.com>
	Mon, 20 Jun 2016 16:33:57 +0000 (12:33 -0400)