mirror of https://github.com/e107inc/e107.git synced 2025-08-11 00:54:49 +02:00

bugfix: contact page - cleaned user input

CaMer0n
2007-09-09 07:05:06 +00:00
parent c453b09bc8
commit 202de28639
2 changed files with 33 additions and 16 deletions


@@ -11,9 +11,9 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/contact.php,v $
| $Revision: 1.3 $
| $Date: 2007-04-15 14:37:17 $
| $Author: e107steved $
| $Revision: 1.4 $
| $Date: 2007-09-09 07:05:06 $
| $Author: e107coders $
+----------------------------------------------------------------------------+
*/
require_once("class2.php");
@@ -40,7 +40,8 @@ if(isset($_POST['send-contactus'])){
$sender_name = $tp->toEmail($_POST['author_name'],TRUE,"rawtext");
$sender = check_email($_POST['email_send']);
$subject = $tp->toEmail($_POST['subject'],TRUE,"rawtext");
$body = $tp->toEmail($_POST['body'],TRUE);
$body = $tp->toEmail($_POST['body'],TRUE,"rawtext");
// Check Image-Code
if (isset($_POST['rand_num']) && !$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))
@@ -66,6 +67,7 @@ if(isset($_POST['send-contactus'])){
}
// Check email address on remote server (if enabled).
if ($pref['signup_remote_emailcheck'] && $error == "")
{
@@ -88,7 +90,10 @@ if(isset($_POST['send-contactus'])){
if(!$error)
{
$body .= "\n\nIP:\t".USERIP."\n";
if(USERID !== FALSE)
{
$body .= "User:\t#".USERID." ".USERNAME."\n";
}
if(!$_POST['contact_person'] && isset($pref['sitecontacts'])) // only 1 person, so contact_person not posted.
{
@@ -157,4 +162,4 @@ if(isset($pref['sitecontacts']) && $pref['sitecontacts'] != 255)
}
require_once(FOOTERF);
exit;
?>
?>
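Review bot: The image-code check in the second hunk, `if (isset($_POST['rand_num']) && !$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify']))`, runs only when the request contains `rand_num`, so on the lines shown the decision to verify rests on the submitted form rather than on site configuration; the commit sanitises the body but leaves this gate unchanged. Unless code outside the hunk already rejects a missing field, the condition should key off the server-side setting and treat absence as a failure, e.g. `if ($imagecode_enabled && (!isset($_POST['rand_num']) || !$sec_img->verify_code($_POST['rand_num'], $_POST['code_verify'])))`, where `$imagecode_enabled` is a placeholder for whichever flag turns the check on. Separately, the changed `$body` line would benefit from a comment such as `// rawtext: body is mailed as plain text, same handling as name and subject`, assuming that is what the third argument selects, since `toEmail()` is not visible here. The `if(isset($_POST['send-contactus']))` block starts and ends outside these hunks.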