diff options
| -rw-r--r-- | includes/comment.inc | 5 | ||||
| -rw-r--r-- | includes/function.inc | 2 | ||||
| -rw-r--r-- | modules/diary.module | 7 | ||||
| -rw-r--r-- | story.php | 2 | ||||
| -rw-r--r-- | submit.php | 8 |
5 files changed, 7 insertions, 17 deletions
diff --git a/includes/comment.inc b/includes/comment.inc index 9dc3f5570..744ab0f9b 100644 --- a/includes/comment.inc +++ b/includes/comment.inc @@ -59,7 +59,7 @@ function comment_reply($pid, $id) { $pid = 0; if ($link == "story") { $item = db_fetch_object(db_query("SELECT stories.*, users.userid FROM stories LEFT JOIN users ON stories.author = users.id WHERE stories.status != 0 AND stories.id = '$id'")); - $theme->story($item, ""); + $theme->story($item, "[ ". t("reply to this story") ." ]"); } } @@ -93,9 +93,6 @@ function comment_reply($pid, $id) { function comment_preview($pid, $id, $subject, $comment) { global $allowed_html, $link, $REQUEST_URI, $theme, $user; - $subject = check_output($subject); - $comment = check_output($comment); - // Preview comment: comment_view(new Comment($user->userid, $subject, $comment, time(), $user->url, $user->fake_email, 0, 0, 0, 0), t("reply to this comment")); diff --git a/includes/function.inc b/includes/function.inc index 0308a5efc..1b206c500 100644 --- a/includes/function.inc +++ b/includes/function.inc @@ -88,7 +88,7 @@ function format_email($address) { function format_url($address, $description = "") { global $na; $description = ($description) ? $description : $address; - return ($address) ? "<A HREF=\"$address\">$description</A>" : $na; + return ($address) ? "<A HREF=\"$address\">". check_output($description) ."</A>" : $na; } ?> diff --git a/modules/diary.module b/modules/diary.module index 2996cc6a0..2e1cd7e7b 100644 --- a/modules/diary.module +++ b/modules/diary.module @@ -143,9 +143,6 @@ function diary_page_edit($id) { function diary_page_preview($text, $timestamp, $id = 0) { global $theme, $user, $allowed_html; - $text = ($text) ? check_output($text) : ""; - $timestamp = ($timestamp) ? check_output($timestamp) : ""; - $output .= diary_page_entry($timestamp, $text); $output .= "<FORM ACTION=\"module.php?mod=diary\" METHOD=\"post\">\n"; @@ -205,8 +202,8 @@ function diary_page() { diary_page_display(check_input($name)); break; case "Preview diary entry": - if ($id) diary_page_preview(check_input($text), check_input($timestamp), check_input($id)); - else diary_page_preview(check_input($text), time()); + if ($id) diary_page_preview(($text ? check_output($text) : ""), check_input($timestamp), check_input($id)); + else diary_page_preview(($text ? check_output($text) : ""), time()); break; case "Submit diary entry": if ($id) diary_page_submit(check_input($text), check_input($id)); @@ -20,7 +20,7 @@ function story_render($id, $cid) { switch($op) { case t("Preview comment"): $theme->header(); - comment_preview(check_input($pid), check_input($id), check_input($subject), check_input($comment)); + comment_preview(check_input($pid), check_input($id), ($subject ? check_output($subject) : ""), ($comment ? check_output($comment) : "")); $theme->footer(); break; case t("Post comment"): diff --git a/submit.php b/submit.php index 87b441ea0..1c01b73d3 100644 --- a/submit.php +++ b/submit.php @@ -46,10 +46,6 @@ function submit_preview($subject, $abstract, $article, $section) { include "includes/story.inc"; - $subject = ($subject) ? check_output($subject) : ""; - $article = ($article) ? check_output($article) : ""; - $abstract = ($abstract) ? check_output($abstract) : ""; - $output .= "<FORM ACTION=\"submit.php\" METHOD=\"post\">\n"; $output .= "<B>". t("Your name") .":</B><BR>\n"; @@ -91,7 +87,7 @@ function submit_preview($subject, $abstract, $article, $section) { $output .= "</FORM>\n"; $theme->header(); - $theme->story(new Story($user->userid, $subject, $abstract, $article, $section, time())); + $theme->story(new Story($user->userid, $subject, $abstract, $article, $section, time()), "[ ". t("reply to this story") ." ]"); $theme->box(t("Submit a story"), $output); $theme->footer(); } @@ -113,7 +109,7 @@ function submit_submit($subject, $abstract, $article, $section) { switch($op) { case t("Preview submission"): - submit_preview(check_input($subject), check_input($abstract), check_input($article), check_input($section)); + submit_preview(($subject ? check_output($subject) : ""), ($abstract ? check_output($abstract) : ""), ($article ? check_output($article) : ""), check_output($section)); break; case t("Submit submission"): submit_submit(check_input($subject), check_input($abstract), check_input($article), check_input($section)); |