X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=view%2Ftheme%2Ffrio%2Ftheme.php;h=a61810f99e4196b9387ab5be4c9852d8a866ea43;hb=0eef382e82c689330ea5071af8e4fb98638ab0df;hp=c7d38baeb970edae0b865533fe8cae449d52e2a3;hpb=8a46c786f37550160d81e7b7ecbcacb4c9fff493;p=friendica.git
diff --git a/view/theme/frio/theme.php b/view/theme/frio/theme.php
index c7d38baeb9..a61810f99e 100644
--- a/view/theme/frio/theme.php
+++ b/view/theme/frio/theme.php
@@ -20,6 +20,7 @@ use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model;
 use Friendica\Module;
+use Friendica\Util\Strings;
 $frio = 'view/theme/frio';
@@ -300,7 +301,7 @@ function frio_remote_nav($a, &$nav)
 */
 function frio_acl_lookup(App $a, &$results)
 {
- $nets = x($_GET, 'nets') ? notags(trim($_GET['nets'])) : '';
+ $nets = !empty($_GET['nets']) ? Strings::escapeTags(trim($_GET['nets'])) : '';
 // we introduce a new search type, r should do the same query like it's
 // done in /src/Module/Contact.php for connections
@@ -310,7 +311,7 @@ function frio_acl_lookup(App $a, &$results)
 $sql_extra = '';
 if ($results['search']) {
- $search_txt = DBA::escape(protect_sprintf(preg_quote($results['search'])));
+ $search_txt = DBA::escape(Strings::protectSprintf(preg_quote($results['search'])));
 $sql_extra .= " AND (`attag` LIKE '%%" . $search_txt . "%%' OR `name` LIKE '%%" . $search_txt . "%%' OR `nick` LIKE '%%" . $search_txt . "%%') ";
 }
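Review bot: In the `$nets` assignment of the second hunk, `!empty($_GET['nets'])` is also true when the query parameter arrives as an array, and that value then reaches `trim()` and fails with a type error or warning instead of falling back to `''`. Guarding the type keeps such requests on the default path: `$nets = (!empty($_GET['nets']) && is_string($_GET['nets'])) ? Strings::escapeTags(trim($_GET['nets'])) : '';`. `Strings::escapeTags()` only neutralises angle brackets, so if `$nets` is later placed into a query it still needs database escaping or a bound parameter there; the rest of frio_acl_lookup is outside the hunk, so that use cannot be checked from here.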
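Review bot: `preg_quote()` on the `$search_txt` line of the third hunk is a regular-expression escaper, not a LIKE escaper, so `%` and `_` in `$results['search']` still act as wildcards in the three `LIKE '%%…%%'` clauses, and the rename to `Strings::protectSprintf` carries that over unchanged. If a literal substring match is intended, escape the LIKE metacharacters instead, for example `$search_txt = DBA::escape(Strings::protectSprintf(addcslashes($results['search'], '%_\\')));`. Binding the pattern as a query parameter where `$sql_extra` is consumed would be better still, but that code is outside this hunk. A short comment above the line saying which call covers which layer (LIKE pattern, sprintf placeholder, SQL string literal) would make the chain easier to audit.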