Fixing SQL-incjection found by tomreyn and general ticket-search, fixes #674

Signed-off-by: Florian Aders (EleRas) <eleras@froxlor.org>
2011-03-19 12:22:34 +01:00
parent 6258b53a04
commit 0f4695a43f
3 changed files with 24 additions and 17 deletions
--- a/templates/Froxlor/admin/ticket/archivesearch.tpl
+++ b/templates/Froxlor/admin/ticket/archivesearch.tpl
@@ -5,7 +5,7 @@ $header
 		<input type="hidden" name="send" value="send" />
 		<table cellpadding="5" cellspacing="0" border="0" align="center" class="maintable">
 			<tr>
-				<td class="maintitle_search_left" colspan="5"><b><img src="images/title.gif" alt="" />&nbsp;{$lng['ticket']['archivesearch']}</b></td>
+				<td class="maintitle_search_left" colspan="5"><b><img src="images/Froxlor/icons/ticket_archive.png" alt="" />&nbsp;{$lng['ticket']['archivesearch']}</b></td>
 				<td class="maintitle_search_right">&nbsp;</td>
 			</tr>
      		<if 0 < $tickets_count >
@@ -28,4 +28,4 @@ $header
 	</form>
 	<br />
 	<br />
-$footer
+$footer