Diffstat (limited to 'include')
-rw-r--r-- | include/functions_session.inc.php | 2 | ||||
-rw-r--r-- | include/picture_comment.inc.php | 7 |
2 files changed, 2 insertions, 7 deletions
diff --git a/include/functions_session.inc.php b/include/functions_session.inc.php
index 411b374bf..b4ee2d183 100644
--- a/include/functions_session.inc.php
+++ b/include/functions_session.inc.php
@@ -141,7 +141,7 @@ function pwg_session_write($session_id, $data)
 $query = '
 REPLACE INTO '.SESSIONS_TABLE.'
 (id,data,expiration)
- VALUES(\''.get_remote_addr_session_hash().$session_id.'\',\''.$data.'\',now())
+ VALUES(\''.get_remote_addr_session_hash().$session_id.'\',\''.str_replace("'", "\'", $data).'\',now())
 ;';
 pwg_query($query);
 return true;
diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index 0273e7b71..70e2c7e95 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -228,16 +228,11 @@ SELECT
 if ($show_add_comment_form)
 {
 $key = get_ephemeral_key(3, $page['image_id']);
- $content = '';
- if ('reject'===@$comment_action)
- {
- $content = htmlspecialchars( stripslashes($comm['content']) );
- }
 $template->assign('comment_add',
 array(
 'F_ACTION' => $url_self,
 'KEY' => $key,
- 'CONTENT' => $content,
+ 'CONTENT' => null,
 'SHOW_AUTHOR' => !is_classic_user()
 ));
 }
|
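Review bot: The escaping added on the `VALUES(...)` line in pwg_session_write() is incomplete. `str_replace("'", "\'", $data)` prefixes single quotes with a backslash but leaves backslashes already present in `$data` untouched, so serialized session data that contains a backslash can still end the SQL string literal early. The value should go through the database driver's own escaping routine instead of a hand-rolled replace, for example `mysql_real_escape_string($data)` if this code runs on the mysql extension (the driver is not visible in this hunk). `$session_id` is concatenated into the same literal with no escaping at all; unless it is validated somewhere outside this hunk, it needs the same treatment. The function body starts above the hunk, so any earlier sanitising of either value cannot be seen here.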
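Review bot: `'CONTENT' => null` in the `comment_add` assignment changes this template variable from a string to null and carries no comment saying why the rejected comment text is no longer put back into the form. If the intent is to stop echoing submitted text into the page, a one-line comment such as `// rejected comment text is intentionally not echoed back into the form` would keep a later change from restoring it without the `htmlspecialchars()` call that the removed lines applied. Consider `'CONTENT' => ''` so the value stays a string, as it was before; how the template treats null is not visible here. The enclosing block starts above the hunk.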