diff options
| author | Dries Buytaert <dries@buytaert.net> | 2001-03-08 17:30:41 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2001-03-08 17:30:41 +0000 |
| commit | 87916cf8bba9ffcc24d4c532d621f97b9f797611 (patch) | |
| tree | 26dac9e0cbc258eed20d08d4cde6b6a5ab9abfe0 | |
| parent | 3d78f736e19da253b9c645728d64b257dcb14020 (diff) | |
| download | brdo-87916cf8bba9ffcc24d4c532d621f97b9f797611.tar.gz brdo-87916cf8bba9ffcc24d4c532d621f97b9f797611.tar.bz2 | |
- small bugfix
| -rw-r--r-- | includes/comment.inc | 3 | ||||
| -rw-r--r-- | submit.php | 4 |
2 files changed, 7 insertions, 0 deletions
diff --git a/includes/comment.inc b/includes/comment.inc index 9cc66fa3f..9dc3f5570 100644 --- a/includes/comment.inc +++ b/includes/comment.inc @@ -93,6 +93,9 @@ function comment_reply($pid, $id) { function comment_preview($pid, $id, $subject, $comment) { global $allowed_html, $link, $REQUEST_URI, $theme, $user; + $subject = check_output($subject); + $comment = check_output($comment); + // Preview comment: comment_view(new Comment($user->userid, $subject, $comment, time(), $user->url, $user->fake_email, 0, 0, 0, 0), t("reply to this comment")); diff --git a/submit.php b/submit.php index a8d3b0bde..ce86014d4 100644 --- a/submit.php +++ b/submit.php @@ -46,6 +46,10 @@ function submit_preview($subject, $abstract, $article, $section) { include "includes/story.inc"; + $subject = check_output($subject); + $article = check_output($article); + $abstract = check_output($abstract); + $output .= "<FORM ACTION=\"submit.php\" METHOD=\"post\">\n"; $output .= "<B>". t("Your name") .":</B><BR>\n"; |