Changeset 6437
- Timestamp:
- Jun 1, 2010, 9:52:44 PM (14 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/functions_comment.inc.php
r6423 r6437 159 159 "'.$comm['author'].'", 160 160 '.$comm['author_id'].', 161 "'. pwg_db_real_escape_string($comm['content']).'",161 "'.$comm['content'].'", 162 162 NOW(), 163 163 "'.($comment_action=='validate' ? 'true':'false').'", … … 258 258 } 259 259 260 /* ? this is a MySql Error - author_id is not defined261 if ($comment_action!='reject' and $conf['anti-flood_time']>0 )262 { // anti-flood system263 $reference_date = time() - $conf['anti-flood_time'];264 $query = '265 SELECT id FROM '.COMMENTS_TABLE.'266 WHERE date > FROM_UNIXTIME('.$reference_date.')267 AND author_id = '.$comm['author_id'];268 if ( pwg_db_num_rows( pwg_query( $query ) ) > 0 )269 {270 //?? array_push( $infos, l10n('Anti-flood system : please wait for a moment before trying to post another comment') );271 $comment_action='reject';272 }273 }274 */275 260 // perform more spam check 276 261 $comment_action = -
trunk/include/picture_comment.inc.php
r6363 r6437 47 47 48 48 $comm = array( 49 'author' => trim( stripslashes(@$_POST['author'])),50 'content' => trim( stripslashes($_POST['content'])),49 'author' => trim( @$_POST['author'] ), 50 'content' => trim( $_POST['content'] ), 51 51 'image_id' => $page['image_id'], 52 52 ); … … 238 238 if ('reject'===@$comment_action) 239 239 { 240 $content = htmlspecialchars( $comm['content']);240 $content = htmlspecialchars( stripslashes($comm['content']) ); 241 241 } 242 242 $template->assign('comment_add', -
trunk/include/ws_functions.inc.php
r6363 r6437 549 549 550 550 $comm = array( 551 'author' => trim( stripslashes($params['author'])),552 'content' => trim( stripslashes($params['content'])),551 'author' => trim( $params['author'] ), 552 'content' => trim( $params['content'] ), 553 553 'image_id' => $params['image_id'], 554 554 ); … … 1357 1357 $res = array(); 1358 1358 $res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']); 1359 foreach ( array('status', 't emplate', 'theme', 'language') as $k )1359 foreach ( array('status', 'theme', 'language') as $k ) 1360 1360 { 1361 1361 $res[$k] = $user[$k]; -
trunk/themes/default/template/identification.tpl
r6429 r6437 49 49 50 50 <p> 51 <input type="hidden" name="redirect" value="{$U_REDIRECT| urlencode}">51 <input type="hidden" name="redirect" value="{$U_REDIRECT|@urlencode}"> 52 52 <input class="submit" tabindex="4" type="submit" name="login" value="{'Submit'|@translate}"> 53 53 </p> -
trunk/themes/default/template/menubar_identification.tpl
r5990 r6437 29 29 {if isset($U_LOGIN)} 30 30 <form method="post" action="{$U_LOGIN}" id="quickconnect"> 31 <input type="hidden" name="redirect" value="{$smarty.server.REQUEST_URI| urlencode}">31 <input type="hidden" name="redirect" value="{$smarty.server.REQUEST_URI|@urlencode}"> 32 32 <fieldset> 33 33 <legend>{'Quick connect'|@translate}</legend>
Note: See TracChangeset
for help on using the changeset viewer.