
Solved Issue #9

pecesama 18 years ago
parent
commit
61f52e29ab
2 changed files with 16 additions and 4 deletions
  1. 11 0
      admin/add.php
  2. 5 4
      index.php

+ 11 - 0
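--- a/admin/add.php
+++ b/admin/add.php
@@ -54,6 +54,17 @@ if ($user->isAdmin()) {
 			$_POST["url"] = $conf->urlGelato."/uploads/".$mp3Name;
 		}
 		
+		if (get_magic_quotes_gpc()) {
+			$_POST["title"] = htmlspecialchars(stripslashes($_POST["title"]));
+			$_POST["description"] = htmlspecialchars(stripslashes($_POST["description"]));
+		} else {
+			$_POST["title"] = htmlspecialchars($_POST["title"]);
+			$_POST["description"] = htmlspecialchars($_POST["description"]);
+		}
+		
+		$_POST["title"] = strip_tags($_POST["title"]);
+		$_POST["description"] = strip_tags($_POST["description"]);
+		
 		
 		if (isset($_POST["id_post"])) {
 			//$tumble->modifyPost($_POST, $_POST["id_post"]);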
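Review bot: The `strip_tags()` calls on new lines 65-66 run after `htmlspecialchars()` has already turned `<` and `>` into entities, so there is no markup left for them to remove; if tag stripping is intended it has to come first. `htmlspecialchars()` is also called without flags, and on the PHP versions that still provide `get_magic_quotes_gpc()` the default is `ENT_COMPAT`, which leaves single quotes unencoded in the stored title and description. Consider `$_POST["title"] = htmlspecialchars(strip_tags($_POST["title"]), ENT_QUOTES);` after the `stripslashes()` normalisation, and the same for `description`. Storing entity-encoded text also ties the database content to HTML output, so encoding at render time would be the more robust place for it. The enclosing `if ($user->isAdmin())` block starts and ends outside the hunk.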

+ 5 - 4
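--- a/index.php
+++ b/index.php
@@ -79,6 +79,7 @@
 			while($register = mysql_fetch_array($rs)) {			
 				$formatedDate = date("M d", strtotime($register["date"]));
 				$permalink = $conf->urlGelato."/index.php/post/".$register["id_post"]."/";
+				
 				switch ($tumble->getType($register["id_post"])) {
 					case "1":
 						$input = array("{Date_Added}", "{Permalink}", "{Title}", "{Body}", "{URL_Tumble}");
@@ -97,10 +98,10 @@
 							$photoPath = $register["url"];
 						}
 						
-						$effect = " onclick=\"Lightbox.show('".$register["url"]."', '".strip_tags(htmlentities($register["description"]))."');\" ";
+						$effect = " onclick=\"Lightbox.show('".$register["url"]."', '".strip_tags($register["description"])."');\" ";
 						
 						$input = array("{Date_Added}", "{Permalink}", "{PhotoURL}", "{PhotoAlt}", "{Caption}", "{Effect}", "{URL_Tumble}");
-						$output = array($formatedDate, $permalink, $photoPath, strip_tags(htmlentities($register["description"])), $register["description"], $effect, $conf->urlGelato);
+						$output = array($formatedDate, $permalink, $photoPath, strip_tags($register["description"]), $register["description"], $effect, $conf->urlGelato);
 						
 						$template->cargarPlantilla($input, $output, "template_photo");
 						$template->mostrarPlantilla();							   
@@ -172,10 +173,10 @@
 					$photoPath = $register["url"];
 				}
 				
-				$effect = " onclick=\"Lightbox.show('".$register["url"]."', '".strip_tags(htmlentities($register["description"]))."');\" ";
+				$effect = " onclick=\"Lightbox.show('".$register["url"]."', '".strip_tags($register["description"])."');\" ";
 						
 				$input = array("{Date_Added}", "{Permalink}", "{PhotoURL}", "{PhotoAlt}", "{Caption}", "{Effect}", "{URL_Tumble}");
-				$output = array($formatedDate, $permalink, $photoPath, strip_tags(htmlentities($register["description"])), $register["description"], $effect, $conf->urlGelato);
+				$output = array($formatedDate, $permalink, $photoPath, strip_tags($register["description"]), $register["description"], $effect, $conf->urlGelato);
 				
 				$template->cargarPlantilla($input, $output, "template_photo");
 				$template->mostrarPlantilla();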
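Review bot: The `onclick` strings built on new lines 101 and 176 place `$register["url"]` and `$register["description"]` inside a single-quoted JavaScript string within a double-quoted attribute, and after this change the only filter applied at output is `strip_tags()`, which does not touch quotes or backslashes. The page therefore depends on every stored row having been encoded by admin/add.php at write time; rows saved before this commit or written through another path are emitted unencoded, and the same holds for the `{PhotoAlt}` value on new lines 104 and 179. HTML entities inside an attribute are decoded before the handler is parsed, so entity encoding alone does not protect the script string either. Encode per context at output, for example `htmlspecialchars(json_encode($register["description"]), ENT_QUOTES)` in place of the quoted `'...'` argument (where `json_encode` is available), and `htmlspecialchars($register["description"], ENT_QUOTES)` for the alt text. Both loops start and end outside the hunks shown.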