diff options
Diffstat (limited to 'includes/comments.php')
-rwxr-xr-x | includes/comments.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/includes/comments.php b/includes/comments.php index e050073..0f48444 100755 --- a/includes/comments.php +++ b/includes/comments.php | |||
@@ -69,8 +69,8 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | |||
69 | if (isset($username)) | 69 | if (isset($username)) |
70 | { | 70 | { |
71 | $template->add_ref($curID, 'COMMENTS', array( 'CODEDEMAIL' => md5(strtolower($email)), | 71 | $template->add_ref($curID, 'COMMENTS', array( 'CODEDEMAIL' => md5(strtolower($email)), |
72 | 'USERNAME' => (($website != '') ? '<A HREF="' . $website . '">' . $username . '</A>' : $username), | 72 | 'USERNAME' => (($website != '') ? '<a href="' . $website . '">' . $username . '</a>' : $username), |
73 | 'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getcomments3[$i]['posttime'])), | 73 | 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getcomments3[$i]['posttime'])), |
74 | 'ID' => $getcomments3[$i]['id'], | 74 | 'ID' => $getcomments3[$i]['id'], |
75 | 'TEXT' => parseText($getcomments3[$i]['comment']))); | 75 | 'TEXT' => parseText($getcomments3[$i]['comment']))); |
76 | 76 | ||
@@ -78,7 +78,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | |||
78 | { | 78 | { |
79 | if ((isAdmin()) || (($getcomments3[$i]['is_anon'] == 0) && (getSessionUserID() === $getcomments3[$i]['user_id']))) | 79 | if ((isAdmin()) || (($getcomments3[$i]['is_anon'] == 0) && (getSessionUserID() === $getcomments3[$i]['user_id']))) |
80 | { | 80 | { |
81 | $template->adds_ref_sub($curID, 'EDITOR', array('BEFORE' => $getcomments3[$i]['comment'])); | 81 | $template->adds_ref_sub($curID, 'EDITOR', array('BEFORE' => htmlspecialchars($getcomments3[$i]['comment']))); |
82 | } | 82 | } |
83 | } | 83 | } |
84 | } | 84 | } |