- Small update wrt filters.

ac1eecb7 · Dries · 8d0546bc · ac1eecb7 · ac1eecb7
Commit ac1eecb7 authored Nov 25, 2001 by Dries
Hide whitespace changes
Inline Side-by-side

Showing with 6 additions and 6 deletions

modules/comment.module modules/comment.module +3 -3

modules/comment/comment.module modules/comment/comment.module +3 -3

No files found.
--- a/modules/comment.module
+++ b/modules/comment.module
@@ -60,7 +60,7 @@ function comment_edit($id) {
 }

 function comment_save($id, $edit) {
-  db_query("UPDATE comments SET subject = '". check_input($edit[subject]) ."', comment = '". check_input($edit[comment]) ."' WHERE cid = '$id'");
+  db_query("UPDATE comments SET subject = '". check_input(filter($edit[subject])) ."', comment = '". check_input(filter($edit[comment])) ."' WHERE cid = '$id'");
  watchdog("special", "comment: modified '$edit[subject]'");
 }

@@ -98,11 +98,11 @@ function comment_admin() {
        print search_type("comment", "admin.php?mod=comment&op=search");
        break;
      case "delete":
-        print comment_delete(check_input($id));
+        print comment_delete(check_query($id));
        print comment_overview();
        break;
      case t("Submit"):
-        print status(comment_save(check_input($id), $edit));
+        print status(comment_save(check_query($id), $edit));
        print comment_overview();
        break;
      default:

--- a/modules/comment/comment.module
+++ b/modules/comment/comment.module
@@ -60,7 +60,7 @@ function comment_edit($id) {
 }

 function comment_save($id, $edit) {
-  db_query("UPDATE comments SET subject = '". check_input($edit[subject]) ."', comment = '". check_input($edit[comment]) ."' WHERE cid = '$id'");
+  db_query("UPDATE comments SET subject = '". check_input(filter($edit[subject])) ."', comment = '". check_input(filter($edit[comment])) ."' WHERE cid = '$id'");
  watchdog("special", "comment: modified '$edit[subject]'");
 }

@@ -98,11 +98,11 @@ function comment_admin() {
        print search_type("comment", "admin.php?mod=comment&op=search");
        break;
      case "delete":
-        print comment_delete(check_input($id));
+        print comment_delete(check_query($id));
        print comment_overview();
        break;
      case t("Submit"):
-        print status(comment_save(check_input($id), $edit));
+        print status(comment_save(check_query($id), $edit));
        print comment_overview();
        break;
      default: