summary refs log tree commit diff stats
path: root/includes/comments.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/comments.php')
-rwxr-xr-xincludes/comments.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/includes/comments.php b/includes/comments.php index e050073..0f48444 100755 --- a/includes/comments.php +++ b/includes/comments.php
@@ -69,8 +69,8 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
69 if (isset($username)) 69 if (isset($username))
70 { 70 {
71 $template->add_ref($curID, 'COMMENTS', array( 'CODEDEMAIL' => md5(strtolower($email)), 71 $template->add_ref($curID, 'COMMENTS', array( 'CODEDEMAIL' => md5(strtolower($email)),
72 'USERNAME' => (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username), 72 'USERNAME' => (($website != '') ? '<a href="' . $website . '">' . $username . '</a>' : $username),
73 'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getcomments3[$i]['posttime'])), 73 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getcomments3[$i]['posttime'])),
74 'ID' => $getcomments3[$i]['id'], 74 'ID' => $getcomments3[$i]['id'],
75 'TEXT' => parseText($getcomments3[$i]['comment']))); 75 'TEXT' => parseText($getcomments3[$i]['comment'])));
76 76
@@ -78,7 +78,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
78 { 78 {
79 if ((isAdmin()) || (($getcomments3[$i]['is_anon'] == 0) && (getSessionUserID() === $getcomments3[$i]['user_id']))) 79 if ((isAdmin()) || (($getcomments3[$i]['is_anon'] == 0) && (getSessionUserID() === $getcomments3[$i]['user_id'])))
80 { 80 {
81 $template->adds_ref_sub($curID, 'EDITOR', array('BEFORE' => $getcomments3[$i]['comment'])); 81 $template->adds_ref_sub($curID, 'EDITOR', array('BEFORE' => htmlspecialchars($getcomments3[$i]['comment'])));
82 } 82 }
83 } 83 }
84 } 84 }