Commit ce9a30b5 authored by webchick's avatar webchick
Browse files

Issue #601776 follow-up by David_Rothstein: Further security hardening of contact form emails.

parent 15b8ea1b
...@@ -88,12 +88,12 @@ function contact_site_form($form, &$form_state) { ...@@ -88,12 +88,12 @@ function contact_site_form($form, &$form_state) {
$form['name_display'] = array( $form['name_display'] = array(
'#type' => 'item', '#type' => 'item',
'#title' => t('Your name'), '#title' => t('Your name'),
'#markup' => $form['name']['#default_value'], '#markup' => check_plain($form['name']['#default_value']),
); );
$form['mail_display'] = array( $form['mail_display'] = array(
'#type' => 'item', '#type' => 'item',
'#title' => t('Your e-mail address'), '#title' => t('Your e-mail address'),
'#markup' => $form['mail']['#default_value'], '#markup' => check_plain($form['mail']['#default_value']),
); );
} }
$form['subject'] = array( $form['subject'] = array(
...@@ -243,12 +243,12 @@ function contact_personal_form($form, &$form_state, $recipient) { ...@@ -243,12 +243,12 @@ function contact_personal_form($form, &$form_state, $recipient) {
$form['name_display'] = array( $form['name_display'] = array(
'#type' => 'item', '#type' => 'item',
'#title' => t('Your name'), '#title' => t('Your name'),
'#markup' => $form['name']['#default_value'], '#markup' => check_plain($form['name']['#default_value']),
); );
$form['mail_display'] = array( $form['mail_display'] = array(
'#type' => 'item', '#type' => 'item',
'#title' => t('Your e-mail address'), '#title' => t('Your e-mail address'),
'#markup' => $form['mail']['#default_value'], '#markup' => check_plain($form['mail']['#default_value']),
); );
} }
$form['to'] = array( $form['to'] = array(
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment