diff options
| author | Starla Insigna <hatkirby@fourisland.com> | 2009-10-02 19:04:20 -0400 |
|---|---|---|
| committer | Starla Insigna <hatkirby@fourisland.com> | 2009-10-02 19:04:20 -0400 |
| commit | 9dfba1e70866fb2bb551678f6e04b8ddfd5467e1 (patch) | |
| tree | 81f4731ae7b2fa902226f084480e26411ac3ad71 /includes/footer.php | |
| parent | 00586f1e8ada8f5baa6e3013525862dccac77b4a (diff) | |
| download | fourisland-9dfba1e70866fb2bb551678f6e04b8ddfd5467e1.tar.gz fourisland-9dfba1e70866fb2bb551678f6e04b8ddfd5467e1.tar.bz2 fourisland-9dfba1e70866fb2bb551678f6e04b8ddfd5467e1.zip | |
Fixed HTML Entites problem
When the poll escaping problem was fixed, a whole ton of other similar bugs were found which were also fixed here. Fixes #115
Diffstat (limited to 'includes/footer.php')
| -rwxr-xr-x | includes/footer.php | 8 |
1 files changed, 4 insertions, 4 deletions
| diff --git a/includes/footer.php b/includes/footer.php index 19cc341..d1f9668 100755 --- a/includes/footer.php +++ b/includes/footer.php | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | <?php | 1 | <?php |
| 2 | /* | 2 | /* |
| 3 | 444444444 | 3 | 444444444 |
| 4 | 4::::::::4 | 4 | 4::::::::4 |
| @@ -65,7 +65,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | |||
| 65 | 'AREA' => 'blog', | 65 | 'AREA' => 'blog', |
| 66 | 'CODED' => $getpost3['slug'], | 66 | 'CODED' => $getpost3['slug'], |
| 67 | 'ENDING' => '/', | 67 | 'ENDING' => '/', |
| 68 | 'TITLE' => stripslashes($getpost3['title']), | 68 | 'TITLE' => stripslashes(htmlentities($getpost3['title'])), |
| 69 | 'AUTHOR' => (($website != '') ? '<a href="' . $website . '">' . $username . '</a>' : $username))); | 69 | 'AUTHOR' => (($website != '') ? '<a href="' . $website . '">' . $username . '</a>' : $username))); |
| 70 | $i++; | 70 | $i++; |
| 71 | } else if (strpos($getcomments3[$i]['page_id'], 'quote') !== FALSE) | 71 | } else if (strpos($getcomments3[$i]['page_id'], 'quote') !== FALSE) |
| @@ -89,7 +89,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | |||
| 89 | 'AREA' => 'poll', | 89 | 'AREA' => 'poll', |
| 90 | 'CODED' => $getpotw3['id'], | 90 | 'CODED' => $getpotw3['id'], |
| 91 | 'ENDING' => '.php', | 91 | 'ENDING' => '.php', |
| 92 | 'TITLE' => 'Poll "' . $getpotw3['question'] . '"', | 92 | 'TITLE' => 'Poll "' . htmlentities($getpotw3['question']) . '"', |
| 93 | 'AUTHOR' => (($website != '') ? '<a href="' . $website . '">' . $username . '</a>' : $username))); | 93 | 'AUTHOR' => (($website != '') ? '<a href="' . $website . '">' . $username . '</a>' : $username))); |
| 94 | $i++; | 94 | $i++; |
| 95 | } | 95 | } |
| @@ -169,7 +169,7 @@ $i=0; | |||
| 169 | while ($getpopular3[$i] = mysql_fetch_array($getpopular2)) | 169 | while ($getpopular3[$i] = mysql_fetch_array($getpopular2)) |
| 170 | { | 170 | { |
| 171 | $template->adds_block('POPULAR', array( 'CODED' => $getpopular3[$i]['slug'], | 171 | $template->adds_block('POPULAR', array( 'CODED' => $getpopular3[$i]['slug'], |
| 172 | 'TITLE' => stripslashes($getpopular3[$i]['title']))); | 172 | 'TITLE' => stripslashes(htmlentities($getpopular3[$i]['title'])))); |
| 173 | $i++; | 173 | $i++; |
| 174 | } | 174 | } |
| 175 | 175 | ||