diff --git a/html/news.php b/html/news.php
index 51319f0b..21d1fb87 100644
--- a/html/news.php
+++ b/html/news.php
@@ -47,8 +47,8 @@ if (filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
prepare("SELECT ID, titre, date FROM articles WHERE (titre LIKE :search OR ID LIKE :search OR auteur LIKE :search) AND classification <= :accreditation ORDER BY date DESC");
+ $search = isset($_GET['search']) ? htmlspecialchars($_GET['search']) : "";
+ $req = $bdd->prepare("SELECT ID, titre, date FROM articles WHERE (titre LIKE :search OR ID LIKE '%:search%' OR auteur LIKE :search) AND classification <= :accreditation ORDER BY date DESC");
$req->bindParam(":search", $search);
$req->bindParam(":accreditation", $_SESSION['accreditation']);
$req->execute();
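Review bot: In the new query, `ID LIKE '%:search%'` puts the placeholder inside a quoted SQL literal, so PDO does not bind it and the ID column is compared against the literal text `%:search%`; searching by ID will silently stop matching. Build the wildcard pattern in PHP and bind it separately, e.g. `$idPattern = '%' . $search . '%';`, then `ID LIKE :idsearch` in the query and `$req->bindParam(":idsearch", $idPattern);`. The added `htmlspecialchars()` on `$_GET['search']` also encodes the term before it reaches the database, so a search containing `&`, `<` or `"` is compared in its entity-encoded form and will miss matching rows. The bound parameter already keeps the value out of the SQL text, so HTML escaping belongs at the point where `$search` is echoed back into the page, which presumably happens outside this hunk. The enclosing `if` block starts and ends outside the hunk, so other uses of `$search` could not be checked.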