Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 521 → Rev 522

/blog/edit-post.php
59,15 → 59,15
<table>
<tr>
<td class="bold">Title: </td>
<td><input type="text" name="title" value="<?php echo $post->title; ?>"/></td>
<td><input type="text" name="title" value="<?php echo htmlentities($post->title, ENT_QUOTES); ?>"/></td>
</tr>
<tr>
<td class="bold">Content: </td>
<td><textarea name="content"><?php echo $post->content; ?></textarea></td>
<td><textarea name="content"><?php echo htmlentities($post->content, ENT_QUOTES); ?></textarea></td>
</tr>
<tr>
<td class="bold">Catagory: </td>
<td><input type="text" name="category" value="<?php echo $post->category; ?>" /></td>
<td><input type="text" name="category" value="<?php echo htmlentities($post->category, ENT_QUOTES); ?>" /></td>
</tr>
 
<?php
/blog/index.php
21,7 → 21,7
if (isset($_GET['cat'])) {
$query = $query . " AND Category = ?";
array_push($args, $_GET['cat']);
write('<p>Only showing blog posts from the ' . $_GET['cat'] . ' category. <a href="index.php">Reset Filtering</a></p><br />');
write('<p>Only showing blog posts from the ' . htmlentities($_GET['cat'], ENT_QUOTES) . ' category. <a href="index.php">Reset Filtering</a></p><br />');
}
 
if (!$page->isUserGM($page->getLoggedInUser())) {
35,8 → 35,8
 
$ids2 = $page->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
write('<a href="post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
write('<a href="post.php?id=' . $id . '"><h3>' . htmlentities($post->title, ENT_QUOTES). '</h3></a>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . htmlentities($post->user->name, ENT_QUOTES) . ' (' . htmlentities($post->user->username, ENT_QUOTES) . ')</h5>');
write('<p>' . $page->replaceBBCode($post->content) . '</p>');
write('<h5 style="color: #666666;"><a href="post.php?id=' . $id . '">' . count($ids2) . ' Comments</a></h5>');
write('<br />');
/blog/post.php
9,7 → 9,7
$page->redirect('index.php');
}
 
$page->title = 'Blog Post &middot; ' . $page->getBlogPost($page->getGetID())->title;
$page->title = 'Blog Post &middot; ' . htmlentities($page->getBlogPost($page->getGetID())->title, ENT_QUOTES);
 
$page->drawHeader();
$page->drawBlogCategoriesMenu();
/blog/rss.php
20,7 → 20,7
$post = $page->getBlogPost($id);
write('<item>');
write('<title>' . $post->title . '</title>');
write('<title>' . htmlentities($post->title, ENT_QUOTES) . '</title>');
write('<link>http://tim32.org/blog/post.php?id=' . $id . '</link>');
write('<guid>' . $id . '</guid>');
write('<pubDate>' . date('D, d M Y H:i:s O', $post->datePosted). '</pubDate>');