diff options
| author | Dries Buytaert <dries@buytaert.net> | 2001-11-25 13:48:34 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2001-11-25 13:48:34 +0000 |
| commit | ac1eecb753ed2092ad94c2e7a15c07c4c11258da (patch) | |
| tree | c2884d0ad7fb6efd976c401e303d656ccc58587a | |
| parent | 8d0546bc79e15e62fef6197c012e5a98d6993c64 (diff) | |
| download | brdo-ac1eecb753ed2092ad94c2e7a15c07c4c11258da.tar.gz brdo-ac1eecb753ed2092ad94c2e7a15c07c4c11258da.tar.bz2 | |
- Small update wrt filters.
| -rw-r--r-- | modules/comment.module | 6 | ||||
| -rw-r--r-- | modules/comment/comment.module | 6 |
2 files changed, 6 insertions, 6 deletions
diff --git a/modules/comment.module b/modules/comment.module index e0ef2e2c7..093054e82 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -60,7 +60,7 @@ function comment_edit($id) { } function comment_save($id, $edit) { - db_query("UPDATE comments SET subject = '". check_input($edit[subject]) ."', comment = '". check_input($edit[comment]) ."' WHERE cid = '$id'"); + db_query("UPDATE comments SET subject = '". check_input(filter($edit[subject])) ."', comment = '". check_input(filter($edit[comment])) ."' WHERE cid = '$id'"); watchdog("special", "comment: modified '$edit[subject]'"); } @@ -98,11 +98,11 @@ function comment_admin() { print search_type("comment", "admin.php?mod=comment&op=search"); break; case "delete": - print comment_delete(check_input($id)); + print comment_delete(check_query($id)); print comment_overview(); break; case t("Submit"): - print status(comment_save(check_input($id), $edit)); + print status(comment_save(check_query($id), $edit)); print comment_overview(); break; default: diff --git a/modules/comment/comment.module b/modules/comment/comment.module index e0ef2e2c7..093054e82 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -60,7 +60,7 @@ function comment_edit($id) { } function comment_save($id, $edit) { - db_query("UPDATE comments SET subject = '". check_input($edit[subject]) ."', comment = '". check_input($edit[comment]) ."' WHERE cid = '$id'"); + db_query("UPDATE comments SET subject = '". check_input(filter($edit[subject])) ."', comment = '". check_input(filter($edit[comment])) ."' WHERE cid = '$id'"); watchdog("special", "comment: modified '$edit[subject]'"); } @@ -98,11 +98,11 @@ function comment_admin() { print search_type("comment", "admin.php?mod=comment&op=search"); break; case "delete": - print comment_delete(check_input($id)); + print comment_delete(check_query($id)); print comment_overview(); break; case t("Submit"): - print status(comment_save(check_input($id), $edit)); + print status(comment_save(check_query($id), $edit)); print comment_overview(); break; default: |