-rw-r--r-- | includes/common.inc | 10 | ||||
-rw-r--r-- | modules/book.module | 20 | ||||
-rw-r--r-- | modules/book/book.module | 20 |
3 files changed, 9 insertions, 41 deletions
diff --git a/includes/common.inc b/includes/common.inc
index 73295b5ca..110b69386 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -340,8 +340,6 @@ function search_form($action = 0, $query = 0, $options = 0) {
 function search_data() {
 global $keys, $edit;
- $keys = check_input($keys);
-
 if (isset($keys)) {
 foreach (module_list() as $name) {
 if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", check_query($keys)))) {
@@ -451,15 +449,15 @@ function referer_load() {
 }
 function check_form($text) {
- return htmlspecialchars(stripslashes($text));
+ return htmlspecialchars($text);
 }
 function check_query($text) {
- return addslashes(stripslashes($text));
+ return addslashes($text);
 }
 function check_input($text) {
- return addslashes(stripslashes($text));
+ return addslashes($text);
 }
 function filter($text) {
@@ -511,8 +509,6 @@ function check_output($text) {
 // temporary: for development purpose
 $text = rewrite_old_urls($text);
- $text = stripslashes($text);
-
 if (strip_tags($text, "<a><i><b><u><tt><code><cite><strong><img>") == $text) {
 $text = nl2br($text);
 }
diff --git a/modules/book.module b/modules/book.module
index 34fca8ab3..31182a3a8 100644
--- a/modules/book.module
+++ b/modules/book.module
@@ -200,12 +200,6 @@ function book_form(&$node, &$help, &$error) {
 $output = form_select(t("Parent"), "parent", $node->parent, book_toc(), t("The parent subject or category the page belongs in."));
- if ($node->format) {
- if ($op != t("Preview")) {
- $node->body = addslashes($node->body);
- }
- }
-
 if (function_exists("taxonomy_node_form")) {
 $output .= implode("", taxonomy_node_form("book", $node));
 }
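Review bot: In search_data() (first hunk of includes/common.inc) `$keys` is now unescaped for the whole function, and the only escaping visible on the new side is `check_query($keys)` inside the module_invoke() call. Nothing in the code says so, which makes it easy for a later edit to use `$keys` directly in a query or in output. I would add a comment above the `isset($keys)` test, for example `// $keys is unescaped (presumably user-supplied) input: apply check_query() for SQL or check_form() for HTML at each use`. The function body continues outside the hunk, so any other use of `$keys` further down should be checked against the same rule.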
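Review bot: With `stripslashes()` removed, check_query() and check_input() (second hunk of includes/common.inc) are no longer idempotent: the old `addslashes(stripslashes($text))` could be applied twice with the same result, while `addslashes($text)` doubles the escaping on a second pass. The search_data() hunk removes one such double call, but call sites in files this commit does not touch are not visible here, and a value that still passes through two of these helpers, or arrives already escaped by the PHP configuration, would be stored with literal backslashes. I would state the contract on each helper, e.g. `// expects raw, unescaped input; apply exactly once per value`, and audit the remaining callers. The two functions are now byte-identical, so one could call the other. `addslashes()` is also unaware of the database character set, so the database layer's own escaping routine is the safer choice for SQL.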
@@ -341,17 +335,9 @@ function book_body($node) {
 global $op;
 if ($node->format == 1) {
- /*
- ** Make sure only authorized users can preview PHP pages.
- */
-
- if ($op == t("Preview")) {
- if (user_access("create php content")) {
- $node->body = stripslashes($node->body); // see also book_form()
- }
- else {
- return;
- }
+ // Make sure only authorized users can preview PHP pages.
+ if ($op == t("Preview") && !user_access("create php content")) {
+ return;
 }
 ob_start();
diff --git a/modules/book/book.module b/modules/book/book.module
index 34fca8ab3..31182a3a8 100644
--- a/modules/book/book.module
+++ b/modules/book/book.module
@@ -200,12 +200,6 @@ function book_form(&$node, &$help, &$error) {
 $output = form_select(t("Parent"), "parent", $node->parent, book_toc(), t("The parent subject or category the page belongs in."));
- if ($node->format) {
- if ($op != t("Preview")) {
- $node->body = addslashes($node->body);
- }
- }
-
 if (function_exists("taxonomy_node_form")) {
 $output .= implode("", taxonomy_node_form("book", $node));
 }
@@ -341,17 +335,9 @@ function book_body($node) {
 global $op;
 if ($node->format == 1) {
- /*
- ** Make sure only authorized users can preview PHP pages.
- */
-
- if ($op == t("Preview")) {
- if (user_access("create php content")) {
- $node->body = stripslashes($node->body); // see also book_form()
- }
- else {
- return;
- }
+ // Make sure only authorized users can preview PHP pages.
+ if ($op == t("Preview") && !user_access("create php content")) {
+ return;
 }
 ob_start(); |
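Review bot: The permission check in book_body() runs only when `$op == t("Preview")`, and `$op` is a global compared loosely against a translated label, so whether `user_access("create php content")` is consulted depends on a value the hunk does not show being validated. If `$node->body` can reach the `$node->format == 1` branch from submitted form data under any other `$op`, the PHP page would be processed without the check; what follows `ob_start();` is outside the hunk, so this is inferred rather than visible. I would make the check independent of `$op` wherever the body did not come from storage, or at least record the assumption in the comment, e.g. `// Stored PHP pages are trusted; only unsaved preview input needs the permission check.` The same lines appear in the modules/book/book.module copy of this hunk.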