claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enable filtering in commentview.php and deletecomment.php

Browse Source
This commit is contained in:
Jonathan Ernst
2006-07-07 17:16:42 +00:00
committed by WineHQ
parent 005ef5af93
commit e28e2d66fd
2 changed files with 2 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
commentview.php
View File

@@ -10,20 +10,11 @@
*/ */
include("path.php"); include("path.php");
include(BASE."include/incl.php"); include(BASE."include/incl.php");
include(BASE."include/filter.php");
require_once(BASE."include/comment.php"); require_once(BASE."include/comment.php");
$aClean = array(); //array of filtered user input
$aClean['iAppId'] = makeSafe($_REQUEST['iAppId']);
$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
$aClean['iThreadId'] = makeSafe($_REQUEST['iThreadId']);
apidb_header("Comments"); apidb_header("Comments");
if(!is_numeric($aClean['iAppId']) OR !is_numeric($aClean['iVersionId']) OR (!empty($aClean['iThreadId']) AND !is_numeric($aClean['iThreadId'])))
util_show_error_page_and_exit("Wrong IDs");
view_app_comments($aClean['iVersionId'], $aClean['iThreadId']); view_app_comments($aClean['iVersionId'], $aClean['iThreadId']);
apidb_footer(); apidb_footer();

7
deletecomment.php
View File

@@ -13,15 +13,10 @@
// application environment // application environment
include("path.php"); include("path.php");
require(BASE."include/incl.php"); require(BASE."include/incl.php");
require(BASE."include/filter.php");
require(BASE."include/application.php"); require(BASE."include/application.php");
require(BASE."include/mail.php"); require(BASE."include/mail.php");
$aClean = array(); //array of filtered user input
$aClean['sWhy'] = makeSafe($_REQUEST['sWhy']);
$aClean['iCommentId'] = makeSafe($_REQUEST['iCommentId']);
$aClean['iDeleteIt'] = makeSafe($_REQUEST['iDeleteIt']);
$oComment = new Comment($aClean['iCommentId']); $oComment = new Comment($aClean['iCommentId']);
/** /**