[Fusionforge-commits] r14922 - trunk/src/www/my
Alain Peyrat
aljeux at fusionforge.org
Wed Nov 23 20:40:33 CET 2011
Author: aljeux
Date: 2011-11-23 20:40:33 +0100 (Wed, 23 Nov 2011)
New Revision: 14922
Modified:
trunk/src/www/my/diary.php
Log:
Use new getHtmlTextFromRequest() in diary
Modified: trunk/src/www/my/diary.php
===================================================================
--- trunk/src/www/my/diary.php 2011-11-23 19:40:28 UTC (rev 14921)
+++ trunk/src/www/my/diary.php 2011-11-23 19:40:33 UTC (rev 14922)
@@ -43,18 +43,10 @@
exit_form_double_submit('my');
}
- $summary = getStringFromRequest('summary');
- $details = getStringFromRequest('details');
+ $summary = getHtmlStringFromRequest('summary');
+ $details = getHtmlTextFromRequest('details');
$is_public = getIntFromRequest('is_public', 0);
- // Secure code sent by user.
- $summary = htmlspecialchars($summary);
- if (getStringFromRequest('_details_content_type') == 'html') {
- $details = TextSanitizer::purify($details);
- } else {
- $details = htmlspecialchars($details);
- }
-
//make changes to the database
if (getStringFromRequest('update')) {
//updating an existing diary entry
@@ -219,10 +211,11 @@
} else {
echo ' </td></tr>';
for ($i=0; $i<$rows; $i++) {
+ $date = relative_date(db_result($result,$i,'date_posted'));
echo '
<tr '. $GLOBALS['HTML']->boxGetAltRowStyle($i) .'><td><a href="'. getStringFromServer('PHP_SELF') .'?diary_id='.
db_result($result,$i,'id').'">'.db_result($result,$i,'summary').'</a></td>'.
- '<td>'. date(_('Y-m-d H:i'), db_result($result,$i,'date_posted')).'</td></tr>';
+ '<td>'. $date.'</td></tr>';
}
echo '
<tr><td colspan="2" class="tablecontent">';
More information about the Fusionforge-commits
mailing list