From e28e2d66fd589eb338fea644bca775e1b1c38f9e Mon Sep 17 00:00:00 2001
From: Jonathan Ernst <jonathan@ernstfamily.ch>
Date: Fri, 7 Jul 2006 17:16:42 +0000
Subject: [PATCH] Enable filtering in commentview.php and deletecomment.php

---
 commentview.php   | 11 +----------
 deletecomment.php |  7 +------
 2 files changed, 2 insertions(+), 16 deletions(-)

diff --git a/commentview.php b/commentview.php
index 149de61..c870ca5 100644
--- a/commentview.php
+++ b/commentview.php
@@ -10,20 +10,11 @@
  */
 include("path.php");
 include(BASE."include/incl.php");
+include(BASE."include/filter.php");
 require_once(BASE."include/comment.php");
 
-$aClean = array(); //array of filtered user input
-
-$aClean['iAppId'] = makeSafe($_REQUEST['iAppId']);
-$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
-$aClean['iThreadId'] = makeSafe($_REQUEST['iThreadId']);
-
 apidb_header("Comments");
 
-
-if(!is_numeric($aClean['iAppId']) OR !is_numeric($aClean['iVersionId']) OR (!empty($aClean['iThreadId']) AND !is_numeric($aClean['iThreadId'])))
-    util_show_error_page_and_exit("Wrong IDs");
-
 view_app_comments($aClean['iVersionId'], $aClean['iThreadId']);
 
 apidb_footer();
diff --git a/deletecomment.php b/deletecomment.php
index 303ea24..ee93283 100644
--- a/deletecomment.php
+++ b/deletecomment.php
@@ -13,15 +13,10 @@
 // application environment
 include("path.php");
 require(BASE."include/incl.php");
+require(BASE."include/filter.php");
 require(BASE."include/application.php");
 require(BASE."include/mail.php");
 
-$aClean = array(); //array of filtered user input
-
-$aClean['sWhy'] = makeSafe($_REQUEST['sWhy']);
-$aClean['iCommentId'] = makeSafe($_REQUEST['iCommentId']);
-$aClean['iDeleteIt'] = makeSafe($_REQUEST['iDeleteIt']);
-
 $oComment = new Comment($aClean['iCommentId']);
 
 /**