From 9e164d772aa6646a1776f00a153baa2f01079b1b Mon Sep 17 00:00:00 2001
From: Roman Kelesidis <roman25052006.kelesh@gmail.com>
Date: Mon, 18 Dec 2023 13:57:26 +0700
Subject: [PATCH] Some reported bugfixes (#1214)

---
 search.php  | 12 ++++++------
 tracker.php |  4 ++--
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/search.php b/search.php
index 01de6aef7..30ec79f09 100644
--- a/search.php
+++ b/search.php
@@ -91,7 +91,7 @@ $url = basename(__FILE__);
 $anon_id = GUEST_UID;
 $user_id = $userdata['user_id'];
 $lastvisit = IS_GUEST ? TIMENOW : $userdata['user_lastvisit'];
-$search_id = (isset($_GET['id']) && is_string($_GET['id'])) ? DB()->escape($_GET['id']) : '';
+$search_id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
 $session_id = $userdata['session_id'];
 
 $items_found = $items_display = $previous_settings = null;
@@ -325,7 +325,7 @@ if ($search_id) {
 		FROM " . BB_SEARCH . "
 		WHERE session_id = '$session_id'
 			AND search_type = " . SEARCH_TYPE_POST . "
-			AND search_id = '$search_id'
+			AND search_id = '" . DB()->escape($search_id) . "'
 		LIMIT 1
 	");
 
@@ -849,7 +849,7 @@ redirect(basename(__FILE__));
 //
 function fetch_search_ids($sql, $search_type = SEARCH_TYPE_POST)
 {
-    global $lang, $search_id, $session_id, $items_found, $per_page;
+    global $lang, $session_id, $items_found, $per_page;
 
     $items_found = [];
     foreach (DB()->fetch_rowset($sql) as $row) {
@@ -859,9 +859,6 @@ function fetch_search_ids($sql, $search_type = SEARCH_TYPE_POST)
         bb_die($lang['NO_SEARCH_MATCH']);
     }
 
-    // Save results in DB
-    $search_id = make_rand_str(SEARCH_ID_LENGTH);
-
     if ($items_count > $per_page) {
         $search_array = implode(',', $items_found);
 
@@ -890,6 +887,9 @@ function fetch_search_ids($sql, $search_type = SEARCH_TYPE_POST)
         }
         $search_settings = DB()->escape(serialize($curr_set));
 
+        // Save results in DB
+        $search_id = make_rand_str(SEARCH_ID_LENGTH);
+
         $columns = 'session_id,   search_type,   search_id,   search_time,    search_settings,    search_array';
         $values = "'$session_id', $search_type, '$search_id', " . TIMENOW . ", '$search_settings', '$search_array'";
 
diff --git a/tracker.php b/tracker.php
index 7b15d8cf8..816bbffd9 100644
--- a/tracker.php
+++ b/tracker.php
@@ -43,7 +43,7 @@ $start = isset($_REQUEST['start']) ? abs((int)$_REQUEST['start']) : 0;
 $set_default = isset($_GET['def']);
 $user_id = $userdata['user_id'];
 $lastvisit = (!IS_GUEST) ? $userdata['user_lastvisit'] : '';
-$search_id = (isset($_GET['search_id']) && is_string($_GET['search_id'])) ? DB()->escape($_GET['search_id']) : '';
+$search_id = (isset($_GET['search_id']) && is_string($_GET['search_id'])) ? $_GET['search_id'] : '';
 $session_id = $userdata['session_id'];
 
 $status = $_POST['status'] ?? false;
@@ -307,7 +307,7 @@ if ($search_id) {
 		FROM " . BB_SEARCH . "
 		WHERE session_id = '$session_id'
 			AND search_type = " . SEARCH_TYPE_TRACKER . "
-			AND search_id = '$search_id'
+			AND search_id = '" . DB()->escape($search_id) . "'
 		LIMIT 1
 	");