git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5028 89ea8834-ac86-4346-8a33-228a782c2dd0
Meik Sievertsen
2004-11-18 17:49:48 +00:00
parent 9ba371aa0e
commit c835b7e909
26 changed files with 1699 additions and 97 deletions


@@ -1132,7 +1132,7 @@ else if ( $submit || $refresh || $mode != '' )
{
if ( !empty($HTTP_POST_VARS['username']) )
{
$to_username = $HTTP_POST_VARS['username'];
$to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
@@ -1337,7 +1337,8 @@ else if ( $submit || $refresh || $mode != '' )
// passed to the script, process it a little, do some checks
// where neccessary, etc.
//
$to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
$privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
@@ -1707,7 +1708,7 @@ else if ( $submit || $refresh || $mode != '' )
$template->assign_vars(array(
'SUBJECT' => $privmsg_subject,
'USERNAME' => preg_replace($html_entities_match, $html_entities_replace, $to_username),
'USERNAME' => $to_username,
'MESSAGE' => $privmsg_message,
'HTML_STATUS' => $html_status,
'SMILIES_STATUS' => $smilies_status,
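Review bot: The `'USERNAME' => $to_username` assignment in the last hunk now passes the variable to the template with no encoding at the output site, so it is safe only if every path that sets `$to_username` has already escaped it. The visible hunks show two such assignments (`phpbb_clean_username(...)` in the first, `htmlspecialchars(stripslashes(...))` in the second); any other assignment outside these hunks, for example a name loaded from the database, would presumably reach the template raw and should be checked. Separately, `htmlspecialchars()` with its default flags leaves single quotes unescaped, so if the template places USERNAME inside a single-quoted attribute the second hunk's call should be `htmlspecialchars(stripslashes($HTTP_POST_VARS['username']), ENT_QUOTES)`. A short comment at the assignment, such as `// $to_username is HTML-escaped here; do not escape again on output`, would also document the new contract. The enclosing `else if` block starts and ends outside the hunks shown.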