From abd26ffec0c724a448c2253253a760149dfb63ff Mon Sep 17 00:00:00 2001
From: Thomas Zilio <Dasc3er@users.noreply.github.com>
Date: Wed, 31 Jan 2018 09:50:36 +0100
Subject: [PATCH] Fix del bug #134

---
 modules/viste/actions.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/viste/actions.php b/modules/viste/actions.php
index 579de3bfc..21aa6f659 100644
--- a/modules/viste/actions.php
+++ b/modules/viste/actions.php
@@ -40,8 +40,8 @@ switch (filter('op')) {
         $rs = true;
 
         foreach ((array) $post['query'] as $c => $k) {
-            // Fix per la protezone contro XSS
-            $post['query'][$c] = htmlspecialchars_decode($post['query'][$c], ENT_QUOTES);
+            // Fix per la protezone contro XSS, che interpreta la sequenza "<testo" come un tag HTML
+            $post['query'][$c] = $_POST['query'][$c];
 
             if (check_query($post['query'][$c])) {
                 $array = [