From 87b42536198dfab02de616f9ba1e68ea307cce90 Mon Sep 17 00:00:00 2001 From: Starla Insigna Date: Sun, 20 Feb 2011 07:30:35 -0500 Subject: Disabled anonymous submission of quotes A blog post explaining why will be posted soon. --- pages/quotes.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'pages') diff --git a/pages/quotes.php b/pages/quotes.php index f47dbd3..9524cd0 100755 --- a/pages/quotes.php +++ b/pages/quotes.php @@ -70,14 +70,15 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id']))) $template = new FITemplate('quotes/add'); if (isset($_GET['submit'])) { - $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","
",htmlspecialchars($_POST['rash_quote'])))); if (!isLoggedIn()) { - $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")"; + $template->adds_block('ERROR', array('exi'=>1)); } else { $insquote = "INSERT INTO rash_quotes (quote, rating, flag, date) VALUES (\"" . mysql_real_escape_string($_POST['rash_quote']) . "\", 0, 0, \"" . time() . "\")"; + $insquote2 = mysql_query($insquote); + + $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","
",htmlspecialchars($_POST['rash_quote'])))); } - $insquote2 = mysql_query($insquote); } $template->display(); } elseif ($_GET['act'] == 'bottom') -- cgit 1.4.1