From 6a7e646df240917e337163c257a903e64a593b4f Mon Sep 17 00:00:00 2001
From: Subhamoy Biswas
Date: Sun, 10 Dec 2023 19:00:39 +0530
Subject: [PATCH] (feat): added sql injection prevention in search keyword
---
 htdocs/core/handle_search.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/htdocs/core/handle_search.php b/htdocs/core/handle_search.php
index 0c31cb8..1383684 100644
--- a/htdocs/core/handle_search.php
+++ b/htdocs/core/handle_search.php
@@ -2,17 +2,18 @@
 require '../../connection.php';
 require 'query_functions.php';
-function input_filter($data){
+function input_filter($conn, $data){
 $data = trim($data);
 $data = stripslashes($data);
 $data = htmlspecialchars($data);
+ $data = mysqli_real_escape_string($conn, $data);
 return $data;
 }
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 if (isset($_POST['keyword'])) {
 $keyword = $_POST['keyword'];
- $keyword = input_filter($keyword);
+ $keyword = input_filter($conn, $keyword);
 $results_array = [
 $results_projects = fetch_search_results_projects($conn, $keyword),
 $results_socials = fetch_search_results_socials($conn, $keyword),
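Review bot: The added `mysqli_real_escape_string($conn, $data)` call in `input_filter` only protects the query if every `fetch_search_results_*` function places `$keyword` inside a quoted string literal and the connection character set is set through `mysqli_set_charset`; neither is visible in this hunk, since those functions live in `query_functions.php`. Binding the keyword is the more robust fix: in each query function use a `?` placeholder with `mysqli_prepare($conn, $sql)`, `mysqli_stmt_bind_param($stmt, 's', $keyword)` and `mysqli_stmt_execute($stmt)`, and drop the escaping from `input_filter`. If the searches use `LIKE`, note that `%` and `_` in the keyword are not escaped by this call and still act as wildcards. Separately, `stripslashes` and `htmlspecialchars` run before the query, so a keyword containing `&`, `<` or a backslash is altered before it is matched; HTML encoding belongs where results are echoed, not on input. The `if` block and the `$results_array` literal continue past the end of the hunk.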