diff options
| -rw-r--r-- | discussion.php | 6 | ||||
| -rw-r--r-- | includes/function.inc | 10 | ||||
| -rw-r--r-- | includes/theme.inc | 12 | ||||
| -rw-r--r-- | modules/box.module | 6 | ||||
| -rw-r--r-- | modules/comment.module | 4 | ||||
| -rw-r--r-- | modules/comment/comment.module | 4 | ||||
| -rw-r--r-- | modules/diary.module | 6 | ||||
| -rw-r--r-- | modules/documentation.module | 2 | ||||
| -rw-r--r-- | modules/story.module | 8 | ||||
| -rw-r--r-- | modules/story/story.module | 8 | ||||
| -rw-r--r-- | submission.php | 20 | ||||
| -rw-r--r-- | submit.php | 6 | ||||
| -rw-r--r-- | themes/marvin/marvin.theme | 2 |
13 files changed, 48 insertions, 46 deletions
diff --git a/discussion.php b/discussion.php index 52de6bdbb..1b5192da3 100644 --- a/discussion.php +++ b/discussion.php @@ -177,7 +177,7 @@ function discussion_reply($pid, $sid) { // Comment field: $output .= "<P>\n"; $output .= " <B>Comment:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_output(check_field($user->signature)) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($user->signature) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; @@ -210,13 +210,13 @@ function comment_preview($pid, $sid, $subject, $comment) { // Subject field: $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" MAXLENGTH=\"60\" VALUE=\"". check_output(check_field($subject)) ."\">\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" MAXLENGTH=\"60\" VALUE=\"". check_textfield($subject) ."\">\n"; $output .= "</P>\n"; // Comment field: $output .= "<P>\n"; $output .= " <B>Comment:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_output(check_field($comment)) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; diff --git a/includes/function.inc b/includes/function.inc index adcb4c518..71276e780 100644 --- a/includes/function.inc +++ b/includes/function.inc @@ -17,8 +17,14 @@ function discussion_score($comment) { return (strpos($value, ".")) ? substr($value ."00", 0, 4) : $value .".00"; } -function check_field($message) { - return str_replace("\"", """, stripslashes($message)); +function check_textfield($message) { + global $allowed_html; + return strip_tags(str_replace("\"", """, stripslashes($message)), $allowed_html); +} + +function check_textarea($message) { + global $allowed_html; + return htmlspecialchars(strip_tags(stripslashes($message), $allowed_html)); } function check_input($message) { diff --git a/includes/theme.inc b/includes/theme.inc index c799a0f3c..d6a4dd3e4 100644 --- a/includes/theme.inc +++ b/includes/theme.inc @@ -98,17 +98,13 @@ function theme_morelink($theme, $story) { function theme_moderation_results($theme, $story) { global $user; - if ($user->id && $story->id && $vote = user_getHistory($user->history, "s$story->id")) { - $output .= "<P><B>You voted `$vote'.</B></P>\n"; - $output .= "<P>\n"; - $output .= "<B>Other people voted:</B><BR>\n"; - - $result = db_query("SELECT * FROM users WHERE id != $user->id AND history LIKE '%s$story->id%'"); + if ($user->id && $story->id && ($user->id == $story->author || user_getHistory($user->history, "s$story->id"))) { + $result = db_query("SELECT * FROM users WHERE history LIKE '%s$story->id%'"); while ($account = db_fetch_object($result)) { - $output .= "". format_username($account->userid) ." voted `". user_getHistory($account->history, "s$story->id") ."'.<BR>"; + $output .= format_username($account->userid) ." voted `". user_getHistory($account->history, "s$story->id") ."'.<BR>"; } - $theme->box("Moderation results", $output); + $theme->box("Moderation results", ($output ? $output : "This story has not been moderated yet.")); } } diff --git a/modules/box.module b/modules/box.module index 70124bc31..a271462aa 100644 --- a/modules/box.module +++ b/modules/box.module @@ -111,7 +111,7 @@ function box_admin_edit($id) { $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" VALUE=\"". check_field($block->subject) ."\">\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" VALUE=\"". check_textfield($block->subject) ."\">\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Content:</B><BR>\n"; @@ -127,11 +127,11 @@ function box_admin_edit($id) { $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Description:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"info\" VALUE=\"$block->info\">\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"info\" VALUE=\"". check_textfield($block->info) ."\">\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Link:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"link\" VALUE=\"$block->link\">\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"link\" VALUE=\"". check_textfield($block->link) ."\">\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n"; diff --git a/modules/comment.module b/modules/comment.module index 85b7b54dc..db863616f 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -16,12 +16,12 @@ function comment_edit($id) { $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_output(check_field($comment->subject)) ."\">\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\">\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= "<B>Comment:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_output($comment->comment) ."</TEXTAREA>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA>\n"; $output .= "</P>\n"; $output .= "<P>\n"; diff --git a/modules/comment/comment.module b/modules/comment/comment.module index 85b7b54dc..db863616f 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -16,12 +16,12 @@ function comment_edit($id) { $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_output(check_field($comment->subject)) ."\">\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\">\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= "<B>Comment:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_output($comment->comment) ."</TEXTAREA>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA>\n"; $output .= "</P>\n"; $output .= "<P>\n"; diff --git a/modules/diary.module b/modules/diary.module index eb3610b75..4f9f39203 100644 --- a/modules/diary.module +++ b/modules/diary.module @@ -107,7 +107,7 @@ function diary_page_edit($id) { $output .= "<P>\n"; $output .= " <B>Edit diary entry:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_output($diary->text) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_textarea($diary->text) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; @@ -133,7 +133,7 @@ function diary_page_preview($text, $timestamp, $id = 0) { $output .= "<P>\n"; $output .= " <B>Preview diary entry:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_output($text) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_textarea($text) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; @@ -256,7 +256,7 @@ function diary_admin_edit($id) { $output .= "<P>\n"; $output .= "<B>Diary entry:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"text\">". check_output($diary->text) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"text\">". check_textarea($diary->text) ."</TEXTAREA><BR>\n"; $output .= "</P>\n"; $output .= "<P>\n"; diff --git a/modules/documentation.module b/modules/documentation.module index 04d04c19f..283d6b895 100644 --- a/modules/documentation.module +++ b/modules/documentation.module @@ -38,7 +38,7 @@ function documentation() { <P>Make sure to consult the MySQL documentation on how to setup the correct access rights and permissions in your MySQL grant tables.</P> <P>4. Once you have a proper database, dump the required tables into your database:</P> <BLOCKQUOTE>$ mysql -h <I><hostname></I> -u <I><username></I> -p<I><password> <database></I> < database/database.mysql</BLOCKQUOTE> - <P>5. Copy the file <CODE>includes/hostname.conf</CODE> to match your server's hostname:</P> + <P>5. Rename the configuration file <CODE>includes/hostname.conf</CODE> to match your server's hostname:</P> <BLOCKQUOTE>$ cp includes/hostname.conf includes/www.yourdomain.com.conf</BLOCKQUOTE> <P>6. Edit your configuration file to set the required settings such as the database options and to customize your site to your likings.</P> <P>7. Launch your browser and point it to http://yourdomain.com/, create an account, log in and head on to http://yourdomain.com/admin.php. The first user will automatically have administrator permissions. Play with it for a bit and spend some time getting used to the administration interfaces.</P> diff --git a/modules/story.module b/modules/story.module index fc75e0035..4eb1534d4 100644 --- a/modules/story.module +++ b/modules/story.module @@ -115,7 +115,7 @@ function story_edit($id) { $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"edit[subject]\" SIZE=\"50\" VALUE=\"". check_output(check_field($story->subject)) ."\"><BR>\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"edit[subject]\" SIZE=\"50\" VALUE=\"". check_textfield($story->subject) ."\"><BR>\n"; $output .= "</P>\n"; $output .= "<P>\n"; @@ -129,19 +129,19 @@ function story_edit($id) { $output .= "<P>\n"; $output .= " <B>Abstract:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[abstract]\">". check_output($story->abstract) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[abstract]\">". check_textarea($story->abstract) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Editor's note/updates:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[updates]\">". check_output($story->updates) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[updates]\">". check_textarea($story->updates) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Extended story:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"edit[article]\">". check_output($story->article) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"edit[article]\">". check_textarea($story->article) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; diff --git a/modules/story/story.module b/modules/story/story.module index fc75e0035..4eb1534d4 100644 --- a/modules/story/story.module +++ b/modules/story/story.module @@ -115,7 +115,7 @@ function story_edit($id) { $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"edit[subject]\" SIZE=\"50\" VALUE=\"". check_output(check_field($story->subject)) ."\"><BR>\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"edit[subject]\" SIZE=\"50\" VALUE=\"". check_textfield($story->subject) ."\"><BR>\n"; $output .= "</P>\n"; $output .= "<P>\n"; @@ -129,19 +129,19 @@ function story_edit($id) { $output .= "<P>\n"; $output .= " <B>Abstract:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[abstract]\">". check_output($story->abstract) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[abstract]\">". check_textarea($story->abstract) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Editor's note/updates:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[updates]\">". check_output($story->updates) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"edit[updates]\">". check_textarea($story->updates) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Extended story:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"edit[article]\">". check_output($story->article) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"edit[article]\">". check_textarea($story->article) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; diff --git a/submission.php b/submission.php index 148cfb9a2..7a8bfae04 100644 --- a/submission.php +++ b/submission.php @@ -4,7 +4,7 @@ include "includes/submission.inc"; include "includes/common.inc"; function submission_display_main() { - global $PHP_SELF, $theme, $user; + global $theme, $user; // Perform query: $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.status = 1 ORDER BY s.id"); @@ -13,8 +13,8 @@ function submission_display_main() { $content .= "<TABLE BORDER=\"0\" CELLSPACING=\"4\" CELLPADDING=\"4\">\n"; $content .= " <TR BGCOLOR=\"$bgcolor1\"><TH>Subject</TH><TH>Category</TH><TH>Date</TH><TH>Author</TH><TH>Score</TH></TR>\n"; while ($submission = db_fetch_object($result)) { - if (user_getHistory($user->history, "s$submission->id")) $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">". stripslashes($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\">". submission_score($submission->id) ."</TD></TR>\n"; - else $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">". stripslashes($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">vote</A></TD></TR>\n"; + if ($user->id == $submission->author || user_getHistory($user->history, "s$submission->id")) $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"submission.php?op=view&id=$submission->id\">". stripslashes($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\">". submission_score($submission->id) ."</TD></TR>\n"; + else $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"submission.php?op=view&id=$submission->id\">". stripslashes($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"submission.php?op=view&id=$submission->id\">vote</A></TD></TR>\n"; } $content .= "</TABLE>\n"; @@ -24,19 +24,19 @@ function submission_display_main() { } function submission_display_item($id) { - global $PHP_SELF, $theme, $user, $submission_votes; + global $theme, $user, $submission_votes; - if ($vote = user_getHistory($user->history, "s$id")) { + $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.id = $id"); + $submission = db_fetch_object($result); + + if ($user->id == $submission->author || user_getHistory($user->history, "s$id")) { header("Location: discussion.php?id=$id"); } else { - $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.id = $id"); - $submission = db_fetch_object($result); - $theme->header(); - $theme->article($submission, "[ <A HREF=\"$PHP_SELF\"><FONT COLOR=\"$theme->hlcolor2\">back</FONT></A> ]"); + $theme->article($submission, "[ <A HREF=\"submission.php\"><FONT COLOR=\"$theme->hlcolor2\">back</FONT></A> ]"); - print "<FORM ACTION=\"$PHP_SELF\" METHOD=\"post\">\n"; + print "<FORM ACTION=\"submission.php\" METHOD=\"post\">\n"; print "<P>\n"; print " <B>Vote:</B><BR>\n"; diff --git a/submit.php b/submit.php index 5d7711a41..49c4713c9 100644 --- a/submit.php +++ b/submit.php @@ -69,7 +69,7 @@ function submit_preview($subject, $abstract, $article, $category) { $output .= "<P>\n"; $output .= " <B>Subject:</B><BR>\n"; - $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" MAXLENGTH=\"60\" VALUE=\"". check_output(check_field($subject)) ."\"><BR>\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" MAXLENGTH=\"60\" VALUE=\"". check_output(check_textfield($subject)) ."\"><BR>\n"; $output .= " <SMALL><I>Bad subjects are 'Check this out!' or 'An article'. Be descriptive, clear and simple!</I></SMALL>\n"; $output .= "</P>\n"; @@ -85,13 +85,13 @@ function submit_preview($subject, $abstract, $article, $category) { $output .= "<P>\n"; $output .= "<B>Abstract:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"abstract\">". check_output($abstract) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"abstract\">". check_textarea($abstract) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <B>Extended story:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"article\">". check_output($article) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"article\">". check_textarea($article) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; diff --git a/themes/marvin/marvin.theme b/themes/marvin/marvin.theme index 7e01cc2ba..ba7c1c64e 100644 --- a/themes/marvin/marvin.theme +++ b/themes/marvin/marvin.theme @@ -70,7 +70,7 @@ print "<BR><BR>\n\n"; } - function article($story, $reply) { + function article($story, $reply = "") { print "\n<!-- story: \"$story->subject\" -->\n"; print "<TABLE BORDER=\"0\" CELLPADDING=\"0\" CELLSPACING=\"2\" WIDTH=\"100%\">\n"; print " <TR><TD COLSPAN=\"2\"><IMG SRC=\"themes/marvin/images/drop.gif\" ALT=\"\"> <B>". check_output($story->subject) ."</B></TD></TR>\n"; |