From 1eaad02c27f86d8cfa18fce16d5465e9aad666f8 Mon Sep 17 00:00:00 2001
From: mauirixxx <mauirixxx@users.noreply.github.com>
Date: Fri, 29 Jun 2018 11:51:46 -1000
Subject: [PATCH] forgot an escape

---
 search.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/search.php b/search.php
index d4aa04b..c11741e 100644
--- a/search.php
+++ b/search.php
@@ -7,7 +7,7 @@ if (isset($_SESSION['userid']) && ($_SESSION['username'])) {
 	$searchtype = mysqli_real_escape_string($con, $searchtype);
 	$searchname = (isset($_POST['searchname']) ? $_POST['searchname'] : null);
 	$searchname = mysqli_real_escape_string($con, $searchname);
-	$searchcollection = (isset($_POST['collectionid']) ? $_POST['collectionid'] : $_GET[cid']);
+	$searchcollection = (isset($_POST['collectionid']) ? $_POST['collectionid'] : $_GET['cid']);
 	$searchcollection = mysqli_real_escape_string($con, $searchcollection);
 	if (!empty($searchname) || !empty($searchcollection)) {
 		if ($searchtype == "name") {