mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-31 20:00:37 +02:00
Code Issues Releases Wiki Activity

xss fix

Browse Source
This commit is contained in:
mcfly
2006-12-16 03:38:17 +00:00
parent 4be3180aa0
commit 6324c74768
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
e107_plugins/chatbox_menu/chatbox_menu.php
View File

@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org). | GNU General Public License (http://gnu.org).
| |
| $Source: /cvs_backup/e107_0.8/e107_plugins/chatbox_menu/chatbox_menu.php,v $ | $Source: /cvs_backup/e107_0.8/e107_plugins/chatbox_menu/chatbox_menu.php,v $
| $Revision: 1.1.1.1 $ | $Revision: 1.2 $
| $Date: 2006-12-02 04:34:51 $ | $Date: 2006-12-16 03:38:17 $
| $Author: mcfly_e107 $ | $Author: mcfly_e107 $
+----------------------------------------------------------------------------+ +----------------------------------------------------------------------------+
*/ */
@@ -55,7 +55,7 @@ if(isset($_POST['chat_submit']) && $_POST['cmessage'] != "")
{ {
if((strlen(trim($cmessage)) < 1000) && trim($cmessage) != "") if((strlen(trim($cmessage)) < 1000) && trim($cmessage) != "")
{ {
$cmessage = $tp -> toDB($cmessage, false, true); $cmessage = $tp -> toDB($cmessage);
if($sql -> db_Select("chatbox", "*", "cb_message='$cmessage' AND cb_datestamp+84600>".time())) if($sql -> db_Select("chatbox", "*", "cb_message='$cmessage' AND cb_datestamp+84600>".time()))
{ {
$emessage = CHATBOX_L17; $emessage = CHATBOX_L17;