diff options
| author | Starla Insigna <starla4444@gmail.com> | 2010-12-11 14:05:05 -0500 |
|---|---|---|
| committer | Starla Insigna <starla4444@gmail.com> | 2010-12-11 14:05:05 -0500 |
| commit | 74db7a24d9c2230b104979f4e4981c57ff73de71 (patch) | |
| tree | 3059bb0a955a662cd9e04208eb6276071cea4c8a /admin/editPost.php | |
| parent | 9efe4feaf5e19e51a18a229a6db36c5508e9faea (diff) | |
| download | fourisland-74db7a24d9c2230b104979f4e4981c57ff73de71.tar.gz fourisland-74db7a24d9c2230b104979f4e4981c57ff73de71.tar.bz2 fourisland-74db7a24d9c2230b104979f4e4981c57ff73de71.zip | |
Made Four Island 2 a little more sane
I spent the last few hours sanitizing the database and fixing huge bugs in the code. Among the changes made were: - "Theoretically related posts" have been removed due to the lack of FULLTEXT index support in InnoDB tables - Removed tons of stripslashes() calls that were used to remove slashes from records before I realized (while doing all of this work) that magic_quotes_gpc was on for some reason. I mean, like, come on! - Replaced all non-library uses of htmlentities() with htmlspecialchars(), which basically does the same thing except it doesn't mangle Unicode. - Completely eradicated polls. Note that this does mean that all database backups prior to December 11th 2010 are now incompatible with Four Island.
Diffstat (limited to 'admin/editPost.php')
| -rwxr-xr-x | admin/editPost.php | 4 |
1 files changed, 2 insertions, 2 deletions
| diff --git a/admin/editPost.php b/admin/editPost.php index b87f895..6044431 100755 --- a/admin/editPost.php +++ b/admin/editPost.php | |||
| @@ -201,13 +201,13 @@ if (!isset($_GET['type']) || !isset($_GET['id']) || !is_numeric($_GET['id'])) | |||
| 201 | $template->add('ACTION', '/admin/editPost.php?type=' . $type . '&id=' . $id . '&submit='); | 201 | $template->add('ACTION', '/admin/editPost.php?type=' . $type . '&id=' . $id . '&submit='); |
| 202 | } | 202 | } |
| 203 | 203 | ||
| 204 | $template->add('TITLEVALUE', htmlentities($_POST['title'])); | 204 | $template->add('TITLEVALUE', htmlspecialchars($_POST['title'])); |
| 205 | $template->add('TEXTVALUE', $_POST['text']); | 205 | $template->add('TEXTVALUE', $_POST['text']); |
| 206 | $template->add('TAGSVALUE', $_POST['tags']); | 206 | $template->add('TAGSVALUE', $_POST['tags']); |
| 207 | $template->add(strtoupper($_POST['type']) . 'SELECTED', ' checked="checked"'); | 207 | $template->add(strtoupper($_POST['type']) . 'SELECTED', ' checked="checked"'); |
| 208 | if ($_POST['type'] != 'draft') $template->add('TAGSDISABLED', ' readonly="readonly"'); | 208 | if ($_POST['type'] != 'draft') $template->add('TAGSDISABLED', ' readonly="readonly"'); |
| 209 | } else { | 209 | } else { |
| 210 | $template->add('TITLEVALUE', htmlentities($getpost3['title'])); | 210 | $template->add('TITLEVALUE', htmlspecialchars($getpost3['title'])); |
| 211 | $template->add('TEXTVALUE', $getpost3['text']); | 211 | $template->add('TEXTVALUE', $getpost3['text']); |
| 212 | $template->add('TAGSVALUE', implode(',', getTags($_GET['id'], $tableToTags[$_GET['type']]))); | 212 | $template->add('TAGSVALUE', implode(',', getTags($_GET['id'], $tableToTags[$_GET['type']]))); |
| 213 | $template->add(strtoupper($tableToForm[$_GET['type']]) . 'SELECTED', ' checked="checked"'); | 213 | $template->add(strtoupper($tableToForm[$_GET['type']]) . 'SELECTED', ' checked="checked"'); |