[geeklog-hg] geeklog: Merged with upstream
geeklog-cvs at lists.geeklog.net
geeklog-cvs at lists.geeklog.net
Sun Sep 15 00:59:41 EDT 2013
changeset 9296:11a94c0b4b5b
url: http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/11a94c0b4b5b
user: Tom <websitemaster at cogeco.net>
date: Sun Sep 15 00:58:59 2013 -0400
description:
Merged with upstream
diffstat:
system/lib-comment.php | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
diffs (41 lines):
diff -r 87a980ba9e7b -r 11a94c0b4b5b system/lib-comment.php
--- a/system/lib-comment.php Sun Sep 15 00:57:28 2013 -0400
+++ b/system/lib-comment.php Sun Sep 15 00:58:59 2013 -0400
@@ -1297,8 +1297,12 @@
return $someError;
}
- $comment = DB_escapeString(CMT_prepareText($comment, $postmode, $type));
- $title = DB_escapeString(COM_checkWords(strip_tags($title)));
+ // Store unescaped comment and title for use in notification.
+ $comment0 = CMT_prepareText($comment, $postmode, $type);
+ $title0 = COM_checkWords(strip_tags($title));
+
+ $comment = DB_escapeString($comment0);
+ $title = DB_escapeString($title0);
if (($uid == 1) && isset($_POST[CMT_USERNAME])) {
$anon = COM_getDisplayName(1);
if (strcmp($_POST[CMT_USERNAME], $anon) != 0) {
@@ -1440,9 +1444,9 @@
$cid = 0; // comment went into the submission queue
}
if (($uid == 1) && isset($username)) {
- CMT_sendNotification($title, $comment, $uid, $username, $_SERVER['REMOTE_ADDR'], $type, $cid);
+ CMT_sendNotification($title0, $comment0, $uid, $username, $_SERVER['REMOTE_ADDR'], $type, $cid);
} else {
- CMT_sendNotification($title, $comment, $uid, '', $_SERVER['REMOTE_ADDR'], $type, $cid);
+ CMT_sendNotification($title0, $comment0, $uid, '', $_SERVER['REMOTE_ADDR'], $type, $cid);
}
}
@@ -1473,9 +1477,7 @@
return false;
}
- // we have to undo the addslashes() call from savecomment()
- $title = stripslashes($title);
- $comment = stripslashes($comment);
+ $comment = str_replace("\r\n", "\n", $comment);
// strip HTML if posted in HTML mode
if (preg_match('/<.*>/', $comment) != 0) {
More information about the geeklog-cvs
mailing list