Rooba
/
boinc
mirror of https://github.com/BOINC/boinc.git
1
0
Fork 0
Code Issues 1 Packages Projects Releases Wiki Activity

Adding and deleting too many slashes. This isn't needed. 

svn path=/trunk/boinc/; revision=7764
This commit is contained in:
Janus B. Kristensen 2005-09-05 11:42:41 +00:00
parent 782ccde9e0
commit 39825c3cd1
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
html/inc/db_forum.inc
View File

@ -3,7 +3,8 @@ $cvs_version_tracker[]="\$Id$"; //Generated automatically - do not edit
function quickDBClean($unclean) { function quickDBClean($unclean) {
/* A quick function to save me a few keystrokes */ /* A quick function to save me a few keystrokes */
return mysql_real_escape_string(stripslashes($unclean)); //return mysql_real_escape_string(stripslashes($unclean)); -We're overstripping slashes
return mysql_real_escape_string($unclean);
} }
function getCategories() { function getCategories() {
@ -351,7 +352,6 @@ function createThread($forumID, $ownerID, $title, $content, $add_signature=false
* $add_signature - bool (not used here) * $add_signature - bool (not used here)
*/ */
$content = substr($content,0,64000); // Shorten content to avoid cut-off html tags when inserting LARGE posts. $content = substr($content,0,64000); // Shorten content to avoid cut-off html tags when inserting LARGE posts.
$content = addslashes(sanitize_html(stripslashes($content)));
if (! (is_numeric($forumID) && is_numeric($ownerID))) { if (! (is_numeric($forumID) && is_numeric($ownerID))) {
return NULL; return NULL;
@ -398,7 +398,6 @@ function replyToThread($threadID, $userID, $content, $parent_post=NULL, $add_sig
return NULL; // The thread ID and forum ID should always be numeric return NULL; // The thread ID and forum ID should always be numeric
} // ...if not, something is majorly wrong. (these came from the DB) } // ...if not, something is majorly wrong. (these came from the DB)
$content = substr($content,0,64000); //Avoid cut-off html tags when posting LARGE texts $content = substr($content,0,64000); //Avoid cut-off html tags when posting LARGE texts
$content = addslashes(sanitize_html(stripslashes($content)));
addPost($threadID, $userID, $parent_post, $content, $add_signature); addPost($threadID, $userID, $parent_post, $content, $add_signature);
@ -446,9 +445,8 @@ function updatePost($postID, $content) {
if (! is_numeric($postID)) { if (! is_numeric($postID)) {
return false; // That really needs to be numeric. return false; // That really needs to be numeric.
} }
$content = substr($content,0,64000); //Avoid cut-off html tags when inserting LARGE texts $content = substr($content,0,64000); //Avoid cut-off html tags when inserting LARGE text
$x = addslashes(sanitize_html(stripslashes($content))); $x = quickDBClean($content);
$x = quickDBClean($x);
$sql = "UPDATE post SET content = \"$x\", modified = UNIX_TIMESTAMP() WHERE id = " . $postID; $sql = "UPDATE post SET content = \"$x\", modified = UNIX_TIMESTAMP() WHERE id = " . $postID;
$result = mysql_query($sql); $result = mysql_query($sql);
if (!$result) return false; if (!$result) return false;