use intval for integers or sqlite_escape_string for strings
if (isset($_REQUEST["S"]))
{
/* single tag or part of tag */
if (isset($_REQUEST["S"]))
{
/* single tag or part of tag */
+ $tag = sqlite_escape_string($_REQUEST["S"]);
/* individual tags are separated by '+' */
$result = $DB->query("SELECT name FROM tags where name like \"%$tag%\"");
$count = $DB->query("SELECT 1");
/* individual tags are separated by '+' */
$result = $DB->query("SELECT name FROM tags where name like \"%$tag%\"");
$count = $DB->query("SELECT 1");
else
{
if (isset($_REQUEST["P"]))
else
{
if (isset($_REQUEST["P"]))
- $OFFSET = "".($_REQUEST["P"]*$N-$N);
+ $OFFSET = "".(intval($_REQUEST["P"])*$N-$N);
else
$OFFSET = "0";
if (isset($_REQUEST["T"]))
{
/* single tag or part of tag */
else
$OFFSET = "0";
if (isset($_REQUEST["T"]))
{
/* single tag or part of tag */
- $tags = $_REQUEST["T"];
+ $tags = sqlite_escape_string($_REQUEST["T"]);
$tags = explode("+",$tags);
$tags = "'".implode("','",$tags)."'";
$tags = explode("+",$tags);
$tags = "'".implode("','",$tags)."'";
$page = 1;
if(isset($_REQUEST["tag"]))
$page = 1;
if(isset($_REQUEST["tag"]))
- $tags = $_REQUEST["tag"];
+ $tags = htmlentities($_REQUEST["tag"]);