Resolved issue 0000702: Code Injection with picture comment

git-svn-id: http://piwigo.org/svn/trunk@2030 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-06-07 18:50:25 +00:00 · 2007-06-07 18:50:25 +00:00 · 3fbc92f61e
commit 3fbc92f61e
parent 182fb00f8f
4 changed files with 6 additions and 4 deletions
--- a/comments.php
+++ b/comments.php
@ -411,7 +411,7 @@ SELECT id, name, permalink, uppercats
        'U_PICTURE' => $url,
        'TN_SRC' => $thumbnail_src,
        'ALT' => $name,
-        'AUTHOR' => $author,
+        'AUTHOR' => trigger_event('render_comment_author', $author),
        'DATE'=>format_date($comment['date'],'mysql_datetime',true),
        'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
        ));