Permalink
Browse files

Strip HTML from name when form submitted.

  • Loading branch information...
1 parent b1c5ee8 commit 2ffa197f9b0aad6e993de4e38a5bb14fc4e4b537 @jamiemccarthy jamiemccarthy committed Jan 10, 2002
Showing with 2 additions and 0 deletions.
  1. +2 −0 plugins/Submit/submit.pl
@@ -41,6 +41,7 @@ sub main {
$form->{from} = strip_attribute($form->{from}) if $form->{from};
$form->{subj} = strip_attribute($form->{subj}) if $form->{subj};
$form->{email} = strip_attribute($form->{email}) if $form->{email};
+ $form->{name} = strip_nohtml($form->{name}) if $form->{name};
# Show submission title on browser's titlebar.
my($tbtitle) = $form->{title};
@@ -417,6 +418,7 @@ sub saveSub {
}
$form->{story} = strip_html(url2html($form->{story}));
+ # Maybe $form->{story} = balanceTags($form->{story}) here?
my $uid ||= $form->{name}
? getCurrentUser('uid')

0 comments on commit 2ffa197

Please sign in to comment.