From e1553c915da403b5c2f5b97a9c2d7cdd1b91f714 Mon Sep 17 00:00:00 2001
From: Jan BELLON <jan@intra.e59.fr>
Date: Fri, 8 Mar 2024 18:55:02 +0000
Subject: [PATCH] Update file news.php

---
 html/news.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/html/news.php b/html/news.php
index 61ec2fb0..36b8ee0c 100644
--- a/html/news.php
+++ b/html/news.php
@@ -69,9 +69,9 @@ if (filter_var($_GET['article'], FILTER_VALIDATE_INT)) {
                             echo "</div></div>";
                         } else {
                             $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
-                            $search = isset($_GET['search']) ? htmlspecialchars($_GET['search']) : "";
-                            $req = $bdd->prepare("SELECT ID, titre, date FROM articles WHERE classification <= :accreditation AND titre LIKE '%:search%'ORDER BY date DESC");
-                            $req->bindParam(":search", htmlspecialchars($_GET['search']));
+                            $search = isset($_GET['search']) ? "'%" . htmlspecialchars($_GET['search']) . "%'" : "'%'";
+                            $req = $bdd->prepare("SELECT ID, titre, date FROM articles WHERE classification <= :accreditation AND titre LIKE :search ORDER BY date DESC");
+                            $req->bindParam(":search", $search);
                             $req->bindParam(":accreditation", $_SESSION['accreditation']);
                             $req->execute();
                             $resultat = $req->fetchAll(PDO::FETCH_ASSOC);