Bug 202278: Quips are escaped now, no need for HTML-like blocking - Patch by Frédéric Buclin <LpSolit@gmail.com> r=wurblzap a=myk

author: lpsolit%gmail.com <> 2005-06-30 04:54:49 +0000
committer: lpsolit%gmail.com <> 2005-06-30 04:54:49 +0000
commit: 3277ac732e00522fbe403350b24054361413aca1 (patch)
tree: 621cce1ff60de7c6f343cfef1ead96cf3ad790ac /quips.cgi
parent: 57d0baf53ea8063ebf633f9aea1a2d71af14145c (diff)
download: bugs-3277ac732e00522fbe403350b24054361413aca1.tar
bugs-3277ac732e00522fbe403350b24054361413aca1.tar.gz
bugs-3277ac732e00522fbe403350b24054361413aca1.tar.bz2
bugs-3277ac732e00522fbe403350b24054361413aca1.tar.xz
bugs-3277ac732e00522fbe403350b24054361413aca1.zip
1 files changed, 0 insertions, 1 deletions
diff --git a/quips.cgi b/quips.cgi
index 766d1a792..d811ee5fe 100755
--- a/quips.cgi
+++ b/quips.cgi
@@ -79,7 +79,6 @@ if ($action eq "add") {
       (Param('quip_list_entry_control') eq "open") || (UserInGroup('admin')) || 0;
     my $comment = $cgi->param("quip");
     $comment || ThrowUserError("need_quip");
-    $comment !~ m/</ || ThrowUserError("no_html_in_quips");
 
     SendSQL("INSERT INTO quips (userid, quip, approved) VALUES " .
            '(' . $userid . ', ' . SqlQuote($comment) . ', ' . $approved . ')');
author	lpsolit%gmail.com <>	2005-06-30 04:54:49 +0000
committer	lpsolit%gmail.com <>	2005-06-30 04:54:49 +0000
commit	3277ac732e00522fbe403350b24054361413aca1 (patch)
tree	621cce1ff60de7c6f343cfef1ead96cf3ad790ac /quips.cgi
parent	57d0baf53ea8063ebf633f9aea1a2d71af14145c (diff)
download	bugs-3277ac732e00522fbe403350b24054361413aca1.tar bugs-3277ac732e00522fbe403350b24054361413aca1.tar.gz bugs-3277ac732e00522fbe403350b24054361413aca1.tar.bz2 bugs-3277ac732e00522fbe403350b24054361413aca1.tar.xz bugs-3277ac732e00522fbe403350b24054361413aca1.zip