diff options
Diffstat (limited to 'pages')
| -rwxr-xr-x | pages/blog.php | 4 | ||||
| -rwxr-xr-x | pages/poll.php | 14 | ||||
| -rwxr-xr-x | pages/quotes.php | 2 | ||||
| -rwxr-xr-x | pages/welcome.php | 4 |
4 files changed, 12 insertions, 12 deletions
| diff --git a/pages/blog.php b/pages/blog.php index 28fa759..31978f2 100755 --- a/pages/blog.php +++ b/pages/blog.php | |||
| @@ -67,10 +67,10 @@ if (isset($_GET['post'])) | |||
| 67 | 'MONTH' => date('M',strtotime($getpost3['pubDate'])), | 67 | 'MONTH' => date('M',strtotime($getpost3['pubDate'])), |
| 68 | 'DAY' => date('d',strtotime($getpost3['pubDate'])), | 68 | 'DAY' => date('d',strtotime($getpost3['pubDate'])), |
| 69 | 'CODED' => $getpost3['slug'], | 69 | 'CODED' => $getpost3['slug'], |
| 70 | 'TITLE' => htmlentities($getpost3['title']), | 70 | 'TITLE' => htmlentities(stripslashes($getpost3['title'])), |
| 71 | 'AUTHOR' => $getpost3['author'], | 71 | 'AUTHOR' => $getpost3['author'], |
| 72 | 'RATING' => $getpost3['rating'], | 72 | 'RATING' => $getpost3['rating'], |
| 73 | 'TEXT' => parseText($getpost3['text']))); | 73 | 'TEXT' => parseText(stripslashes($getpost3['text'])))); |
| 74 | 74 | ||
| 75 | $tags = getTags($getpost3['id']); | 75 | $tags = getTags($getpost3['id']); |
| 76 | foreach ($tags as $tag) | 76 | foreach ($tags as $tag) |
| diff --git a/pages/poll.php b/pages/poll.php index a9ab19f..3099e32 100755 --- a/pages/poll.php +++ b/pages/poll.php | |||
| @@ -53,7 +53,7 @@ if (!isset($_GET['id'])) | |||
| 53 | $question .= '....'; | 53 | $question .= '....'; |
| 54 | } | 54 | } |
| 55 | $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'], | 55 | $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'], |
| 56 | 'QUESTION' => htmlentities($question), | 56 | 'QUESTION' => htmlentities(stripslashes($question)), |
| 57 | 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])), | 57 | 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])), |
| 58 | 'EVEN' => (($i % 2 == 1) ? ' class="even"' : ''))); | 58 | 'EVEN' => (($i % 2 == 1) ? ' class="even"' : ''))); |
| 59 | $i++; | 59 | $i++; |
| @@ -90,17 +90,17 @@ if (!isset($_GET['id'])) | |||
| 90 | 90 | ||
| 91 | if ($getpoll3['id'] == $_GET['id']) | 91 | if ($getpoll3['id'] == $_GET['id']) |
| 92 | { | 92 | { |
| 93 | $template->add('QUESTION', htmlentities($getpoll3['question'])); | 93 | $template->add('QUESTION', htmlentities(stripslashes($getpoll3['question']))); |
| 94 | 94 | ||
| 95 | if ($getpoll3['text'] != '') | 95 | if ($getpoll3['text'] != '') |
| 96 | { | 96 | { |
| 97 | $template->adds_block('COMPLETE', array( 'RSS' => parseText($getpoll3['text']), | 97 | $template->adds_block('COMPLETE', array( 'RSS' => parseText(stripslashes($getpoll3['text'])), |
| 98 | 'AUTHOR' => $getrss3['author'], | 98 | 'AUTHOR' => $getrss3['author'], |
| 99 | 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])), | 99 | 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])), |
| 100 | 'OPTION1' => $getpoll3['option1'], | 100 | 'OPTION1' => stripslashes($getpoll3['option1']), |
| 101 | 'OPTION2' => $getpoll3['option2'], | 101 | 'OPTION2' => stripslashes($getpoll3['option2']), |
| 102 | 'OPTION3' => $getpoll3['option3'], | 102 | 'OPTION3' => stripslashes($getpoll3['option3']), |
| 103 | 'OPTION4' => $getpoll3['option4'], | 103 | 'OPTION4' => stripslashes($getpoll3['option4']), |
| 104 | 'CLICKS1' => $getpoll3['clicks1'], | 104 | 'CLICKS1' => $getpoll3['clicks1'], |
| 105 | 'CLICKS2' => $getpoll3['clicks2'], | 105 | 'CLICKS2' => $getpoll3['clicks2'], |
| 106 | 'CLICKS3' => $getpoll3['clicks3'], | 106 | 'CLICKS3' => $getpoll3['clicks3'], |
| diff --git a/pages/quotes.php b/pages/quotes.php index 8c6958d..17057c2 100755 --- a/pages/quotes.php +++ b/pages/quotes.php | |||
| @@ -70,7 +70,7 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id']))) | |||
| 70 | $template = new FITemplate('quotes/add'); | 70 | $template = new FITemplate('quotes/add'); |
| 71 | if (isset($_GET['submit'])) | 71 | if (isset($_GET['submit'])) |
| 72 | { | 72 | { |
| 73 | $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities($_POST['rash_quote'])))); | 73 | $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities(stripslashes($_POST['rash_quote']))))); |
| 74 | if (!isLoggedIn()) | 74 | if (!isLoggedIn()) |
| 75 | { | 75 | { |
| 76 | $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; | 76 | $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; |
| diff --git a/pages/welcome.php b/pages/welcome.php index 833af8a..819420b 100755 --- a/pages/welcome.php +++ b/pages/welcome.php | |||
| @@ -77,12 +77,12 @@ while ($getpost3 = mysql_fetch_array($getpost2)) | |||
| 77 | 'MONTH' => date('M',strtotime($getpost3['pubDate'])), | 77 | 'MONTH' => date('M',strtotime($getpost3['pubDate'])), |
| 78 | 'DAY' => date('d',strtotime($getpost3['pubDate'])), | 78 | 'DAY' => date('d',strtotime($getpost3['pubDate'])), |
| 79 | 'CODED' => $getpost3['slug'], | 79 | 'CODED' => $getpost3['slug'], |
| 80 | 'TITLE' => htmlentities($getpost3['title']), | 80 | 'TITLE' => htmlentities(stripslashes($getpost3['title'])), |
| 81 | 'AUTHOR' => $getpost3['author'], | 81 | 'AUTHOR' => $getpost3['author'], |
| 82 | 'PLURALCOMMENT' => (isset($plural) ? $plural : ''), | 82 | 'PLURALCOMMENT' => (isset($plural) ? $plural : ''), |
| 83 | 'COMMENTS' => $comText, | 83 | 'COMMENTS' => $comText, |
| 84 | 'RATING' => $getpost3['rating'], | 84 | 'RATING' => $getpost3['rating'], |
| 85 | 'TEXT' => parseText($getpost3['text']))); | 85 | 'TEXT' => parseText(stripslashes($getpost3['text'])))); |
| 86 | 86 | ||
| 87 | $tags = getTags($getpost3['id']); | 87 | $tags = getTags($getpost3['id']); |
| 88 | foreach ($tags as $tag) | 88 | foreach ($tags as $tag) |