diff options
author | plegall <plg@piwigo.org> | 2010-07-27 12:37:12 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2010-07-27 12:37:12 +0000 |
commit | 41757b9e1aab9ff4b3a75ac37ac01dde604d57d1 (patch) | |
tree | be86409ac7deab19573f42ec30a8a72bae656d1a /admin/picture_modify.php | |
parent | 7a7569eda226df3a8d9a935b1e4a82a7902a7b80 (diff) |
bug 1757 fixed: ability to use HTML in author field
git-svn-id: http://piwigo.org/svn/branches/2.1@6713 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'admin/picture_modify.php')
-rw-r--r-- | admin/picture_modify.php | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/admin/picture_modify.php b/admin/picture_modify.php index a764f0bdb..4d15a9206 100644 --- a/admin/picture_modify.php +++ b/admin/picture_modify.php @@ -236,7 +236,11 @@ $template->assign( 'REGISTRATION_DATE' => format_date($row['date_available']), - 'AUTHOR' => isset($_POST['author']) ? $_POST['author'] : @$row['author'], + 'AUTHOR' => htmlspecialchars( + isset($_POST['author']) + ? stripslashes($_POST['author']) + : @$row['author'] + ), 'DESCRIPTION' => htmlspecialchars( isset($_POST['description']) ? |