commit 97fe05ec288561ad0e62c60ccfd9bce7dee16009
parent 302a054279cc699695265689be7cf1faf551e4e1
Author: Kyle Milz <kyle@getaddrinfo.net>
Date: Mon, 10 Nov 2014 00:00:21 -0700
search: unescape query input
Diffstat:
1 file changed, 4 insertions(+), 0 deletions(-)
diff --git a/search.pl b/search.pl
@@ -7,6 +7,7 @@ use FCGI;
use Template;
use Proc::Daemon;
use POSIX;
+use URI::Escape;
use shared;
@@ -59,6 +60,9 @@ while ($request->Accept() >= 0) {
print "Content-Type: text/html\r\n\r\n";
my (undef, $input) = split("=", $ENV{QUERY_STRING});
+ # incoming query string is http mangled
+ $input = uri_unescape($input);
+
$search_sth->execute("%$input%", "%$input%", "%$input%");
my $products = $search_sth->fetchall_arrayref();