author | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-01-25 12:58:24 +0000 |
---|---|---|
committer | Paul S. Owen <psotfx@users.sourceforge.net> | 2002-01-25 12:58:24 +0000 |
commit | d0a241eaffdea1a49f79fb58afa60972f37af655 (patch) | |
tree | fa4d9c705af7859fe7afd72882be59df91ac6ec5 | |
parent | f6eaedcd8d18ef59dc5a9e29b9e2f52cbf06e744 (diff) | |
download | forums-d0a241eaffdea1a49f79fb58afa60972f37af655.tar forums-d0a241eaffdea1a49f79fb58afa60972f37af655.tar.gz forums-d0a241eaffdea1a49f79fb58afa60972f37af655.tar.bz2 forums-d0a241eaffdea1a49f79fb58afa60972f37af655.tar.xz forums-d0a241eaffdea1a49f79fb58afa60972f37af655.zip |
htmlspecialchars for subject, poll title and options
git-svn-id: file:///svn/phpbb/trunk@1952 89ea8834-ac86-4346-8a33-228a782c2dd0
-rw-r--r-- | phpBB/posting.php | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/phpBB/posting.php b/phpBB/posting.php
index 2de9922fbe..4706ee9a79 100644
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@@ -381,13 +381,6 @@ else
 $attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : ( ( $userdata['user_id'] == ANONYMOUS ) ? 0 : $userdata['user_attachsig'] );
-
-
-
-
-
-
-
 //
 // Here we do various lookups to find topic_id, forum_id, post_id etc.
 // Doing it here prevents spoofing (eg. faking forum_id, topic_id or post_id
@@ -727,7 +720,7 @@ if( $submit && $mode != "vote" )
 $post_username = "";
 }
-$post_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
+$post_subject = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['subject'])));
 if( ( $mode == "newtopic" || ( $mode == "editpost" && $is_first_post_topic ) ) && empty($post_subject) )
 {
 $error = TRUE;
@@ -770,7 +763,7 @@ if( $submit && $mode != "vote" )
 {
 if( $is_auth['auth_pollcreate'] && $is_first_post_topic )
 {
-$poll_title = ( isset($HTTP_POST_VARS['poll_title']) ) ? trim(strip_tags($HTTP_POST_VARS['poll_title'])) : "";
+$poll_title = ( isset($HTTP_POST_VARS['poll_title']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['poll_title']))) : "";
 $poll_length = ( isset($HTTP_POST_VARS['poll_length']) ) ? intval($HTTP_POST_VARS['poll_length']) : 0;
 if( $poll_length < 0 )
 {
@@ -783,7 +776,7 @@ if( $submit && $mode != "vote" )
 {
 while( list($option_id, $option_text) = each($HTTP_POST_VARS['poll_option_text']) )
 {
-$poll_option_list[$option_id] = trim(strip_tags($option_text));
+$poll_option_list[$option_id] = trim(strip_tags(htmlspecialchars($option_text)));
 $poll_options++;
 }
 } |
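Review bot: In the second hunk `htmlspecialchars()` is applied before `strip_tags()`, so by the time `strip_tags()` runs every `<` and `>` has already become `&lt;`/`&gt;` and nothing is stripped; the subject is therefore stored entity-encoded rather than tag-free, and if the template layer encodes again on output the stored `&lt;` becomes `&amp;lt;` (double encoding). If the intent is to drop tags and then make the remainder safe in an HTML context, the encoding belongs on the outside: `$post_subject = htmlspecialchars(trim(strip_tags($HTTP_POST_VARS['subject'])), ENT_QUOTES);`, with `ENT_QUOTES` so that a single quote is also encoded — the default flags encode only double quotes, which leaves a value placed in a single-quoted attribute unprotected. The same ordering and flag point applies to the `$poll_title` line in the third hunk and the `$poll_option_list[$option_id]` line in the fourth. Whether these values are encoded again on output cannot be confirmed from this diff, so the ordering choice should be checked against the templates that render them. The enclosing `if( $submit && $mode != "vote" )` block begins and ends outside these hunks.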