Fix filtering of html, we shouldn't be running htmlspecialchars() on html code that needs to be

preserved without modification
Chris Morgan
2007-01-06 05:30:31 +00:00
committed by WineHQ
parent 5ee94f4617
commit a992178883


@@ -52,7 +52,7 @@ function filter_gpc()
switch($aKeys[$i][1]) switch($aKeys[$i][1])
{ {
case "h": // HTML string case "h": // HTML string
$aClean[$aKeys[$i]] = trim(htmlspecialchars($_REQUEST[$aKeys[$i]])); $aClean[$aKeys[$i]] = trim($_REQUEST[$aKeys[$i]]);
// if there is no content and no image, make the variable empty // if there is no content and no image, make the variable empty
if(strip_tags($aClean[$aKeys[$i]],'<img>')=="") if(strip_tags($aClean[$aKeys[$i]],'<img>')=="")
$aClean[$aKeys[$i]] = ""; $aClean[$aKeys[$i]] = "";
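Review bot: With `htmlspecialchars()` removed, the `case "h"` branch stores the request value in `$aClean` with only `trim()` applied, so script tags and event-handler attributes reach every consumer of that entry unchanged. If these values are later written into a page (not visible in this hunk), that is a stored or reflected XSS path, and the array name suggests callers will treat them as safe. Either pass the value through an allow-list HTML sanitizer here, or at minimum state the contract in a comment such as `// "h" values are raw, untrusted HTML: sanitize with a tag/attribute allow-list before output`. `strip_tags()` with an allowed-tag list is not a substitute, because it keeps the attributes on the tags it allows. filter_gpc() and the enclosing switch start and end outside this hunk.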