claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable filtering in addcomment.php

Browse Source
This commit is contained in:
Jonathan Ernst
2006-07-07 16:22:04 +00:00
committed by WineHQ
parent 2a2c423d9c
commit 58f9d7642d
1 changed files with 1 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
addcomment.php
View File

@@ -14,16 +14,10 @@
// application environment // application environment
include("path.php"); include("path.php");
require(BASE."include/incl.php"); require(BASE."include/incl.php");
require(BASE."include/filter.php");
require(BASE."include/application.php"); require(BASE."include/application.php");
require(BASE."include/mail.php"); require(BASE."include/mail.php");
$aClean = array(); //array of filtered user input
$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
$aClean['iThread'] = makeSafe($_REQUEST['iThread']);
$aClean['sBody'] = makeSafe($_REQUEST['sBody']);
$aClean['sSubject'] = makeSafe($_REQUEST['sSubject']);
// you must be logged in to submit comments // you must be logged in to submit comments
if(!$_SESSION['current']->isLoggedIn()) if(!$_SESSION['current']->isLoggedIn())
{ {
@@ -32,14 +26,6 @@ if(!$_SESSION['current']->isLoggedIn())
exit; exit;
} }
if( !is_numeric($aClean['iVersionId']) )
util_show_error_page_and_exit('Internal Database Access Error');
if(!is_numeric($aClean['iThread']))
{
$aClean['iThread'] = 0;
}
// the user submitted his comment // the user submitted his comment
if(!empty($aClean['sBody'])) if(!empty($aClean['sBody']))
{ {