Re: Modification Hack isearch autocompletion ajax avec prototype + scriptaculous | Titre du sujet : Re: Modification Hack isearch autocompletion ajax avec prototype + scriptaculous par trabis sur 10/03/2009 02:34:33
$sql = 'SELECT title FROM '.$this->db->prefix('stories').' WHERE title LIKE '%'.$searchword.'%'';
=
SQL INJECTION
function ajaxMostSearched($searchword, $limit)
{
$ts =& MyTextSanitizer::getInstance();
//clean it
$searchword = $ts->addSlashes($searchword);
$ret = array();
$sql = "SELECT Count(keyword) AS cpt, keyword FROM ".$this->db->prefix('isearch_searches').' WHERE keyword LIKE ''.$searchword.'%' GROUP BY keyword ORDER BY cpt desc';
$result = $this->db->query($sql);
while ($myrow = $this->db->fetchArray($result)) {
$ret[] = $myrow['keyword'];
}
return $ret;
}
You can also try My search module: http://www.xuups.com/modules/publisher/item.php?itemid=4
|
|