diff options
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/common.inc | 9 | ||||
| -rw-r--r-- | includes/node.inc | 16 |
2 files changed, 15 insertions, 10 deletions
diff --git a/includes/common.inc b/includes/common.inc index fabee01bf..c1ebe193a 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -119,11 +119,16 @@ function check_query($text) { return addslashes(stripslashes($text)); } -function check_input($text) { +function filter($text) { foreach (module_list() as $name) { if (module_hook($name, "filter")) $text = module_invoke($name, "filter", $text); } - return addslashes(stripslashes(substr($text, 0, variable_get("max_input_size", 10000)))); + + return $text; +} + +function check_input($text) { + return check_query($text); } function check_output($text, $nl2br = 0) { diff --git a/includes/node.inc b/includes/node.inc index bbfd8e5d6..6af45c6d2 100644 --- a/includes/node.inc +++ b/includes/node.inc @@ -107,8 +107,8 @@ function node_load($conditions) { } /* - ** Call the node specific callback (if any) and piggy-back to - ** results to the node: + ** Call the node specific callback (if any) and piggy-back the + ** results to the node or overwrite some values: */ if ($extra = module_invoke($node->type, "load", $node)) { @@ -156,6 +156,10 @@ function node_save($node, $filter) { $node->revisions = serialize($node->revisions); } + /* + ** Apply filters to some default node fields: + */ + if (empty($node->nid)) { /* @@ -170,9 +174,7 @@ function node_save($node, $filter) { foreach ($node as $key => $value) { if (in_array($key, $fields)) { $k[] = check_query($key); - $v[] = "'". check_input($value) ."'"; - // NOTE: for the values we use 'check_input()' such that we apply - // the filters + $v[] = "'". check_query($value) ."'"; } } @@ -194,9 +196,7 @@ function node_save($node, $filter) { // prepare the query: foreach ($node as $key => $value) { if (in_array($key, $fields)) { - $q[] = check_query($key) ." = '". ($key != "revisions" ? check_input($value) : $value) ."'"; - // NOTE: for the values we use 'check_input()' such that we apply - // the filters, except revisions + $q[] = check_query($key) ." = '". check_query($value) ."'"; } } |