diff options
Diffstat (limited to 'phpBB/includes/message_parser.php')
-rw-r--r-- | phpBB/includes/message_parser.php | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/phpBB/includes/message_parser.php b/phpBB/includes/message_parser.php index abcab9c000..b272750310 100644 --- a/phpBB/includes/message_parser.php +++ b/phpBB/includes/message_parser.php @@ -1317,8 +1317,8 @@ class parse_message extends bbcode_firstpass $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false; - $add_file = (isset($_POST['add_file'])) ? true : false; - $delete_file = (isset($_POST['delete_file'])) ? true : false; + $add_file = request::is_set_post('add_file'); + $delete_file = request::is_set_post('delete_file'); // First of all adjust comments if changed $actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true)); @@ -1500,7 +1500,7 @@ class parse_message extends bbcode_firstpass global $user, $db, $config; $this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true)); - $attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array(); + $attachment_data = request::variable('attachment_data', array(0 => array('' => '')), true, request::POST); $this->attachment_data = array(); $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id; @@ -1536,11 +1536,11 @@ class parse_message extends bbcode_firstpass while ($row = $db->sql_fetchrow($result)) { - $pos = $not_orphan[$row['attach_id']]; + $pos = $not_orphan[(int) $row['attach_id']]; $this->attachment_data[$pos] = $row; - set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + $this->attachment_data[$pos]['attach_comment'] = utf8_normalize_nfc($attachment_data[$pos]['attach_comment']); - unset($not_orphan[$row['attach_id']]); + unset($not_orphan[(int) $row['attach_id']]); } $db->sql_freeresult($result); } @@ -1562,11 +1562,11 @@ class parse_message extends bbcode_firstpass while ($row = $db->sql_fetchrow($result)) { - $pos = $orphan[$row['attach_id']]; + $pos = $orphan[(int) $row['attach_id']]; $this->attachment_data[$pos] = $row; - set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true); + $this->attachment_data[$pos]['attach_comment'] = utf8_normalize_nfc($attachment_data[$pos]['attach_comment']); - unset($orphan[$row['attach_id']]); + unset($orphan[(int) $row['attach_id']]); } $db->sql_freeresult($result); } |