[Fusionforge-commits] r11268 - trunk/src/www/news
Alain Peyrat
aljeux at libremir.placard.fr.eu.org
Fri Oct 29 20:08:48 CEST 2010
Author: aljeux
Date: 2010-10-29 20:08:48 +0200 (Fri, 29 Oct 2010)
New Revision: 11268
Modified:
trunk/src/www/news/submit.php
Log:
Improve HTML vs text detection when submitting news.
Modified: trunk/src/www/news/submit.php
===================================================================
--- trunk/src/www/news/submit.php 2010-10-29 18:08:42 UTC (rev 11267)
+++ trunk/src/www/news/submit.php 2010-10-29 18:08:48 UTC (rev 11268)
@@ -71,8 +71,6 @@
exit_permission_denied(_('You cannot submit news for a project unless you are an admin on that project'),'home');
}
- $group_id = getIntFromRequest('group_id');
-
if ($group_id == forge_get_config('news_group')) {
exit_permission_denied(_('Submitting news from the news group is not allowed.'),'home');
}
@@ -86,8 +84,11 @@
//check to make sure both fields are there
if ($summary && $details) {
- $sanitizer = new TextSanitizer();
- $details = $sanitizer->purify($details);
+ if (getStringFromRequest('_details_content_type') == 'html') {
+ $details = TextSanitizer::purify($details);
+ } else {
+ $details = htmlspecialchars($details);
+ }
/*
Insert the row into the db if it's a generic message
More information about the Fusionforge-commits
mailing list