AJAX Search

The built-in search engine utilises AJAX and MySQL's powerful FULLTEXT feature to rapidly return, in real-time, any pages that match your search query.

When you click on a returned result, the visited page will highlight the search terms until one of them is clicked on. Try searching for 'ajax' and clicking on a returned result.

Search results appear here in real-time.

XSS and MySQL Injection

Vanilla has been tested against thousands of automated MySQL injection and cross-site scripting (XSS) attack vectors. So far, none have succeeded.

Of course, if you generate badly scripted and insecure PHP pages or sidebars yourself then it's down to you to secure them. See Bolting it Down for more information about securing your Vanilla CMS environment.