diff options
| author | Meik Sievertsen <acydburn@phpbb.com> | 2003-09-07 15:23:55 +0000 |
|---|---|---|
| committer | Meik Sievertsen <acydburn@phpbb.com> | 2003-09-07 15:23:55 +0000 |
| commit | 028311c6f9b19f96952773d6c7f62911027bb662 (patch) | |
| tree | 94c2c4b6fea580aa75c25220983805138d8f01a4 /phpBB/includes/message_parser.php | |
| parent | c9e8ce2dba4eb5c41a30ecb96004eda7dc801827 (diff) | |
| download | forums-028311c6f9b19f96952773d6c7f62911027bb662.tar forums-028311c6f9b19f96952773d6c7f62911027bb662.tar.gz forums-028311c6f9b19f96952773d6c7f62911027bb662.tar.bz2 forums-028311c6f9b19f96952773d6c7f62911027bb662.tar.xz forums-028311c6f9b19f96952773d6c7f62911027bb662.zip | |
some sync-related updates... more logical processing of submit_post.
git-svn-id: file:///svn/phpbb/trunk@4477 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/message_parser.php')
| -rw-r--r-- | phpBB/includes/message_parser.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index 98c61da6ba..817f0befa7 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -673,7 +673,7 @@ class parse_message $error = array(); $num_attachments = count($this->attachment_data); - $this->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($_POST['filecomment']))) : ''; + $this->filename_data['filecomment'] = (isset($_POST['filecomment'])) ? htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $_POST['filecomment']))) : ''; $this->filename_data['filename'] = ($_FILES['fileupload']['name'] != 'none') ? trim($_FILES['fileupload']['name']) : ''; $add_file = (isset($_POST['add_file'])) ? TRUE : FALSE; @@ -757,7 +757,7 @@ class parse_message foreach ($actual_comment_list as $index => $entry) { - $this->attachment_data[$index]['comment'] = trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), htmlspecialchars($entry))); + $this->attachment_data[$index]['comment'] = htmlspecialchars(trim(str_replace(array('\\\'', '\\"', '\\0', '\\\\'), array('\'', '"', '\0', '\\'), $entry))); } } @@ -836,7 +836,7 @@ class parse_message $this->warn_msg[] = $user->lang['TOO_MANY_USER_OPTIONS']; } - $poll['poll_title'] = (!empty($poll_data['poll_title'])) ? trim(htmlspecialchars(strip_tags($poll_data['poll_title']))) : ''; + $poll['poll_title'] = (!empty($poll_data['poll_title'])) ? trim(htmlspecialchars(stripslashes($poll_data['poll_title']))) : ''; $poll['poll_length'] = (!empty($poll_data['poll_length'])) ? intval($poll_data['poll_length']) : 0; if (empty($poll['poll_title']) && $poll['poll_options_size']) |