diff options
author | Dries Buytaert <dries@buytaert.net> | 2000-10-24 07:24:24 +0000 |
---|---|---|
committer | Dries Buytaert <dries@buytaert.net> | 2000-10-24 07:24:24 +0000 |
commit | cbeb5ee4684df20dc35cd79e375df862170dd752 (patch) | |
tree | 5c62ac6703b8f127c2f924e4b6596904cc857088 /diary.php | |
parent | 9d3e9bc782a58785074188427edbe9f1b7c49e86 (diff) | |
download | brdo-cbeb5ee4684df20dc35cd79e375df862170dd752.tar.gz brdo-cbeb5ee4684df20dc35cd79e375df862170dd752.tar.bz2 |
This significant commit fixes 99% of all known bugs and improves drop.org
by means of better security checks in order to avoid malicious behavior.
In addition, quite some code has been fine-tuned.
However, as a result, every theme will require a small update ...
Diffstat (limited to 'diary.php')
-rw-r--r-- | diary.php | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -97,7 +97,7 @@ function diary_edit($id) { $output .= "<P>\n"; $output .= " <B>Edit diary entry:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". stripslashes($diary->text) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_input(stripslashes($diary->text)) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; |