From fcb3c824a0ee2c750453de1ccc12dd4a9af8f0b0 Mon Sep 17 00:00:00 2001
From: rub <rub@piwigo.org>
Date: Thu, 7 Jun 2007 18:52:40 +0000
Subject: Resolved issue 0000702: Code Injection with picture comment

Merge BSF 2029:2030 into branch-1_7

git-svn-id: http://piwigo.org/svn/branches/branch-1_7@2031 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/common.inc.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include/common.inc.php')

diff --git a/include/common.inc.php b/include/common.inc.php
index 8c7c9d85d..1ab44143f 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -243,5 +243,6 @@ if (isset($conf['header_notes']))
 // default event handlers
 add_event_handler('render_comment_content', 'htmlspecialchars');
 add_event_handler('render_comment_content', 'parse_comment_content');
+add_event_handler('render_comment_author', 'strip_tags');
 trigger_action('init');
 ?>
-- 
cgit v1.2.3