authorDries Buytaert <dries@buytaert.net>2000-10-24 07:24:24 +0000
committerDries Buytaert <dries@buytaert.net>2000-10-24 07:24:24 +0000
commitcbeb5ee4684df20dc35cd79e375df862170dd752 (patch)
tree5c62ac6703b8f127c2f924e4b6596904cc857088 /includes/function.inc
parent9d3e9bc782a58785074188427edbe9f1b7c49e86 (diff)
This significant commit fixes 99% of all known bugs and improves drop.org
by means of better security checks in order to avoid malicious behavior. In addition, quite some code has been fine-tuned. However, as a result, every theme will require a small update ...
Diffstat (limited to 'includes/function.inc')
-rw-r--r--includes/function.inc15
1 files changed, 13 insertions, 2 deletions
diff --git a/includes/function.inc b/includes/function.inc
index ec3ad0a90..c9b80e0a6 100644
--- a/includes/function.inc
+++ b/includes/function.inc
@@ -19,13 +19,17 @@ function load_theme() {
return new Theme();
}
-function check_input($message) {
+function check_field($message) {
return str_replace("\"", "&quot;", stripslashes($message));
}
+function check_input($message) {
+ return strip_tags($message);
+}
+
function check_output($message) {
global $allowed_html;
- return nl2br(strip_tags(stripslashes($message), $allowed_html));
+ return strip_tags(stripslashes($message), $allowed_html);
}
function discussion_num_replies($id, $count = 0) {
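Review bot: `check_field` escapes only the double quote, so `<`, `>`, `&` and `'` pass through unescaped when its result is written into an attribute or form field; `return htmlspecialchars(stripslashes($message), ENT_QUOTES);` would cover the whole HTML context. The new `check_input` relies on `strip_tags` alone, which removes markup but does no SQL quoting, so it should carry a comment such as `// strips HTML only; callers must still escape for SQL`. Whether callers do that is not visible in this hunk. In `check_output`, `strip_tags` with `$allowed_html` keeps every attribute on the allowed tags, including event handlers and `style`, so the allow-list is not a complete output filter by itself.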
@@ -33,6 +37,13 @@ function discussion_num_replies($id, $count = 0) {
return ($result) ? db_result($result, 0) : 0;
}
+function discussion_num_filtered($sid, $pid) {
+ global $user;
+ $threshold = ($user->id) ? $user->threshold : "0";
+ $result = db_query("SELECT COUNT(cid) FROM comments WHERE sid = $sid AND pid = $pid AND (votes != 0 AND score / votes < $threshold)");
+ return ($result) ? db_result($result, 0) : 0;
+}
+
function format_plural($count, $one, $more) {
return ($count == 1) ? "$count $one" : "$count $more";
}
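Review bot: `discussion_num_filtered` interpolates `$sid`, `$pid` and `$threshold` directly into the query string, so the statement is only as safe as each caller's input handling, which this hunk does not show. All three values are numeric, so the function can enforce that itself before building the query: `$sid = (int) $sid; $pid = (int) $pid;` and `$threshold = (float) $threshold;`. `$threshold` is read from `$user->threshold`, presumably a stored user preference, so it needs the same treatment as the ids rather than being trusted because it comes from the database.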