Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Strip HTML from name when form submitted.

  • Loading branch information...
commit 2ffa197f9b0aad6e993de4e38a5bb14fc4e4b537 1 parent b1c5ee8
@jamiemccarthy jamiemccarthy authored
Showing with 2 additions and 0 deletions.
  1. +2 −0  plugins/Submit/submit.pl
View
2  plugins/Submit/submit.pl
@@ -41,6 +41,7 @@ sub main {
$form->{from} = strip_attribute($form->{from}) if $form->{from};
$form->{subj} = strip_attribute($form->{subj}) if $form->{subj};
$form->{email} = strip_attribute($form->{email}) if $form->{email};
+ $form->{name} = strip_nohtml($form->{name}) if $form->{name};
# Show submission title on browser's titlebar.
my($tbtitle) = $form->{title};
@@ -417,6 +418,7 @@ sub saveSub {
}
$form->{story} = strip_html(url2html($form->{story}));
+ # Maybe $form->{story} = balanceTags($form->{story}) here?
my $uid ||= $form->{name}
? getCurrentUser('uid')
Please sign in to comment.
Something went wrong with that request. Please try again.