From fcb3c824a0ee2c750453de1ccc12dd4a9af8f0b0 Mon Sep 17 00:00:00 2001
From: rub
Date: Thu, 7 Jun 2007 18:52:40 +0000
Subject: Resolved issue 0000702: Code Injection with picture comment Merge BSF 2029:2030 into branch-1_7
git-svn-id: http://piwigo.org/svn/branches/branch-1_7@2031 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/common.inc.php | 1 +
 1 file changed, 1 insertion(+)
(limited to 'include/common.inc.php')
diff --git a/include/common.inc.php b/include/common.inc.php
index 8c7c9d85d..1ab44143f 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -243,5 +243,6 @@ if (isset($conf['header_notes']))
 // default event handlers
 add_event_handler('render_comment_content', 'htmlspecialchars');
 add_event_handler('render_comment_content', 'parse_comment_content');
+add_event_handler('render_comment_author', 'strip_tags');
 trigger_action('init');
 ?>
--
cgit v1.2.3
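Review bot: `strip_tags` on `render_comment_author` removes markup but is not output encoding, so quotes and `&` in an author name still reach the page unescaped, whereas the comment body two lines above is passed through `htmlspecialchars`. If any template places the author inside an attribute value (not visible in this hunk), tag stripping alone does not cover that context. I would register the same encoder for the author, `add_event_handler('render_comment_author', 'htmlspecialchars');`, either instead of or after `strip_tags`. A one-line comment such as `// author is untrusted input: encode on output, same as comment content` would record why the handler exists. It is also worth confirming that every place that prints a comment author triggers this event, since the filter only applies where the event is fired.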