Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Open sidebar
project
drupal
Commits
b95f496b
Commit
b95f496b
authored
Mar 01, 2007
by
Dries
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- Backporting comment module validation fixes. Already went into
DRUPAL-5
.
parent
6ee8563e
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
23 additions
and
17 deletions
+23
-17
modules/comment/comment.module
modules/comment/comment.module
+19
-17
modules/node/node.module
modules/node/node.module
+4
-0
No files found.
modules/comment/comment.module
View file @
b95f496b
...
...
@@ -1589,24 +1589,26 @@ function comment_form_add_preview($form, $edit) {
$output
=
''
;
comment_validate
(
$edit
);
$comment
=
(
object
)
_comment_form_submit
(
$edit
);
// Attach the user and time information.
if
(
$edit
[
'author'
])
{
$account
=
user_load
(
array
(
'name'
=>
$edit
[
'author'
]));
}
elseif
(
$user
->
uid
&&
!
isset
(
$edit
[
'is_anonymous'
]))
{
$account
=
$user
;
}
if
(
$account
)
{
$comment
->
uid
=
$account
->
uid
;
$comment
->
name
=
check_plain
(
$account
->
name
);
}
$comment
->
timestamp
=
!
empty
(
$edit
[
'timestamp'
])
?
$edit
[
'timestamp'
]
:
time
();
// Preview the comment with security check.
// Invoke full validation for the form, to protect against cross site
// request forgeries (CSRF) and setting arbitrary values for fields such as
// the input format. Preview the comment only when form validation does not
// set any errors.
drupal_validate_form
(
$form
[
'form_id'
][
'#value'
],
$form
);
if
(
!
form_get_errors
())
{
$comment
=
(
object
)
_comment_form_submit
(
$edit
);
// Attach the user and time information.
if
(
$edit
[
'author'
])
{
$account
=
user_load
(
array
(
'name'
=>
$edit
[
'author'
]));
}
elseif
(
$user
->
uid
&&
!
isset
(
$edit
[
'is_anonymous'
]))
{
$account
=
$user
;
}
if
(
$account
)
{
$comment
->
uid
=
$account
->
uid
;
$comment
->
name
=
check_plain
(
$account
->
name
);
}
$comment
->
timestamp
=
$edit
[
'timestamp'
]
?
$edit
[
'timestamp'
]
:
time
();
$output
.
=
theme
(
'comment_view'
,
$comment
);
}
$form
[
'comment_preview'
]
=
array
(
...
...
modules/node/node.module
View file @
b95f496b
...
...
@@ -2027,6 +2027,10 @@ function node_form_add_preview($form) {
$op
=
isset
(
$form_values
[
'op'
])
?
$form_values
[
'op'
]
:
''
;
if
(
$op
==
t
(
'Preview'
))
{
// Invoke full validation for the form, to protect against cross site
// request forgeries (CSRF) and setting arbitrary values for fields such as
// the input format. Preview the node only when form validation does not
// set any errors.
drupal_validate_form
(
$form
[
'form_id'
][
'#value'
],
$form
);
if
(
!
form_get_errors
())
{
// Because the node preview may display a form, we must render it
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment