Diffstat (limited to 'pages')
-rwxr-xr-xpages/blog.php4
-rwxr-xr-xpages/poll.php14
-rwxr-xr-xpages/quotes.php2
-rwxr-xr-xpages/welcome.php4
4 files changed, 12 insertions, 12 deletions
diff --git a/pages/blog.php b/pages/blog.php index 28fa759..31978f2 100755 --- a/pages/blog.php +++ b/pages/blog.php
@@ -67,10 +67,10 @@ if (isset($_GET['post']))
67 'MONTH' => date('M',strtotime($getpost3['pubDate'])), 67 'MONTH' => date('M',strtotime($getpost3['pubDate'])),
68 'DAY' => date('d',strtotime($getpost3['pubDate'])), 68 'DAY' => date('d',strtotime($getpost3['pubDate'])),
69 'CODED' => $getpost3['slug'], 69 'CODED' => $getpost3['slug'],
70 'TITLE' => htmlentities($getpost3['title']), 70 'TITLE' => htmlentities(stripslashes($getpost3['title'])),
71 'AUTHOR' => $getpost3['author'], 71 'AUTHOR' => $getpost3['author'],
72 'RATING' => $getpost3['rating'], 72 'RATING' => $getpost3['rating'],
73 'TEXT' => parseText($getpost3['text']))); 73 'TEXT' => parseText(stripslashes($getpost3['text']))));
74 74
75 $tags = getTags($getpost3['id']); 75 $tags = getTags($getpost3['id']);
76 foreach ($tags as $tag) 76 foreach ($tags as $tag)
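Review bot: `'AUTHOR' => $getpost3['author']` and `'CODED' => $getpost3['slug']` still reach the template unescaped while TITLE beside them goes through htmlentities(); if either column can hold user-supplied text that is a stored-XSS path, so I would escape them the same way, e.g. `'AUTHOR' => htmlentities($getpost3['author'], ENT_QUOTES),`. The same applies to the matching array in pages/welcome.php. Calling stripslashes() on every read suggests the rows were escaped twice on write (presumably magic quotes plus mysql_real_escape_string); correcting the write path and cleaning the existing rows would avoid stripping backslashes that authors actually typed. Whether parseText() escapes HTML is not visible here, and the array literal starts outside the hunk.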
diff --git a/pages/poll.php b/pages/poll.php index a9ab19f..3099e32 100755 --- a/pages/poll.php +++ b/pages/poll.php
@@ -53,7 +53,7 @@ if (!isset($_GET['id']))
53 $question .= '....'; 53 $question .= '....';
54 } 54 }
55 $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'], 55 $template->adds_block('POLL', array( 'ID' => $getpolls3[$i]['id'],
56 'QUESTION' => htmlentities($question), 56 'QUESTION' => htmlentities(stripslashes($question)),
57 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])), 57 'WEEK' => date('F jS Y', strtotime($getpolls3[$i]['week'])),
58 'EVEN' => (($i % 2 == 1) ? ' class="even"' : ''))); 58 'EVEN' => (($i % 2 == 1) ? ' class="even"' : '')));
59 $i++; 59 $i++;
@@ -90,17 +90,17 @@ if (!isset($_GET['id']))
90 90
91 if ($getpoll3['id'] == $_GET['id']) 91 if ($getpoll3['id'] == $_GET['id'])
92 { 92 {
93 $template->add('QUESTION', htmlentities($getpoll3['question'])); 93 $template->add('QUESTION', htmlentities(stripslashes($getpoll3['question'])));
94 94
95 if ($getpoll3['text'] != '') 95 if ($getpoll3['text'] != '')
96 { 96 {
97 $template->adds_block('COMPLETE', array( 'RSS' => parseText($getpoll3['text']), 97 $template->adds_block('COMPLETE', array( 'RSS' => parseText(stripslashes($getpoll3['text'])),
98 'AUTHOR' => $getrss3['author'], 98 'AUTHOR' => $getrss3['author'],
99 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])), 99 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])),
100 'OPTION1' => $getpoll3['option1'], 100 'OPTION1' => stripslashes($getpoll3['option1']),
101 'OPTION2' => $getpoll3['option2'], 101 'OPTION2' => stripslashes($getpoll3['option2']),
102 'OPTION3' => $getpoll3['option3'], 102 'OPTION3' => stripslashes($getpoll3['option3']),
103 'OPTION4' => $getpoll3['option4'], 103 'OPTION4' => stripslashes($getpoll3['option4']),
104 'CLICKS1' => $getpoll3['clicks1'], 104 'CLICKS1' => $getpoll3['clicks1'],
105 'CLICKS2' => $getpoll3['clicks2'], 105 'CLICKS2' => $getpoll3['clicks2'],
106 'CLICKS3' => $getpoll3['clicks3'], 106 'CLICKS3' => $getpoll3['clicks3'],
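Review bot: The four option fields on the new side are `stripslashes($getpoll3['option1'])` through `option4` with no HTML escaping, unlike QUESTION a few lines up, so option text containing markup is rendered as-is; unless the template escapes these itself, use `'OPTION1' => htmlentities(stripslashes($getpoll3['option1']), ENT_QUOTES),` and likewise for the other three. In the first hunk the question appears to be truncated (`$question .= '....'`) before stripslashes() runs, so a cut that lands right after a stored backslash can leave a stray backslash or unescape the wrong character; stripping before truncating avoids that. The surrounding `if` blocks begin and end outside both hunks.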
diff --git a/pages/quotes.php b/pages/quotes.php index 8c6958d..17057c2 100755 --- a/pages/quotes.php +++ b/pages/quotes.php
@@ -70,7 +70,7 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id'])))
70 $template = new FITemplate('quotes/add'); 70 $template = new FITemplate('quotes/add');
71 if (isset($_GET['submit'])) 71 if (isset($_GET['submit']))
72 { 72 {
73 $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities($_POST['rash_quote'])))); 73 $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities(stripslashes($_POST['rash_quote'])))));
74 if (!isLoggedIn()) 74 if (!isLoggedIn())
75 { 75 {
76 $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; 76 $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")";
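Review bot: The preview on line 73 now strips slashes but the INSERT on line 76 still passes the raw `$_POST['rash_quote']` to mysql_real_escape_string(), so with magic quotes on the stored quote keeps the extra backslashes, and with magic quotes off the preview loses backslashes the user actually typed. Normalise once and use the result in both places, e.g. `$quote = get_magic_quotes_gpc() ? stripslashes($_POST['rash_quote']) : $_POST['rash_quote'];`. The branch is entered on `isset($_GET['submit'])` without checking that `$_POST['rash_quote']` is set, which deserves a guard. The INSERT also stores htmlspecialchars() output, so any later read that escapes again will double-encode; storing the raw text and escaping only at output keeps that consistent.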
diff --git a/pages/welcome.php b/pages/welcome.php index 833af8a..819420b 100755 --- a/pages/welcome.php +++ b/pages/welcome.php
@@ -77,12 +77,12 @@ while ($getpost3 = mysql_fetch_array($getpost2))
77 'MONTH' => date('M',strtotime($getpost3['pubDate'])), 77 'MONTH' => date('M',strtotime($getpost3['pubDate'])),
78 'DAY' => date('d',strtotime($getpost3['pubDate'])), 78 'DAY' => date('d',strtotime($getpost3['pubDate'])),
79 'CODED' => $getpost3['slug'], 79 'CODED' => $getpost3['slug'],
80 'TITLE' => htmlentities($getpost3['title']), 80 'TITLE' => htmlentities(stripslashes($getpost3['title'])),
81 'AUTHOR' => $getpost3['author'], 81 'AUTHOR' => $getpost3['author'],
82 'PLURALCOMMENT' => (isset($plural) ? $plural : ''), 82 'PLURALCOMMENT' => (isset($plural) ? $plural : ''),
83 'COMMENTS' => $comText, 83 'COMMENTS' => $comText,
84 'RATING' => $getpost3['rating'], 84 'RATING' => $getpost3['rating'],
85 'TEXT' => parseText($getpost3['text']))); 85 'TEXT' => parseText(stripslashes($getpost3['text']))));
86 86
87 $tags = getTags($getpost3['id']); 87 $tags = getTags($getpost3['id']);
88 foreach ($tags as $tag) 88 foreach ($tags as $tag)