- Removed stripslashes(). See http://lists.drupal.org/pipermail/drupal-devel/2003-February/022233.html. Patch by Ax.
parent
f44fe74058
commit
8ae2520965
|
@ -340,8 +340,6 @@ function search_form($action = 0, $query = 0, $options = 0) {
|
|||
function search_data() {
|
||||
global $keys, $edit;
|
||||
|
||||
$keys = check_input($keys);
|
||||
|
||||
if (isset($keys)) {
|
||||
foreach (module_list() as $name) {
|
||||
if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", check_query($keys)))) {
|
||||
|
@ -451,15 +449,15 @@ function referer_load() {
|
|||
}
|
||||
|
||||
function check_form($text) {
|
||||
return htmlspecialchars(stripslashes($text));
|
||||
return htmlspecialchars($text);
|
||||
}
|
||||
|
||||
function check_query($text) {
|
||||
return addslashes(stripslashes($text));
|
||||
return addslashes($text);
|
||||
}
|
||||
|
||||
function check_input($text) {
|
||||
return addslashes(stripslashes($text));
|
||||
return addslashes($text);
|
||||
}
|
||||
|
||||
function filter($text) {
|
||||
|
@ -511,8 +509,6 @@ function check_output($text) {
|
|||
// temporary: for development purpose
|
||||
$text = rewrite_old_urls($text);
|
||||
|
||||
$text = stripslashes($text);
|
||||
|
||||
if (strip_tags($text, "<a><i><b><u><tt><code><cite><strong><img>") == $text) {
|
||||
$text = nl2br($text);
|
||||
}
|
||||
|
|
|
@ -200,12 +200,6 @@ function book_form(&$node, &$help, &$error) {
|
|||
|
||||
$output = form_select(t("Parent"), "parent", $node->parent, book_toc(), t("The parent subject or category the page belongs in."));
|
||||
|
||||
if ($node->format) {
|
||||
if ($op != t("Preview")) {
|
||||
$node->body = addslashes($node->body);
|
||||
}
|
||||
}
|
||||
|
||||
if (function_exists("taxonomy_node_form")) {
|
||||
$output .= implode("", taxonomy_node_form("book", $node));
|
||||
}
|
||||
|
@ -341,18 +335,10 @@ function book_body($node) {
|
|||
global $op;
|
||||
|
||||
if ($node->format == 1) {
|
||||
/*
|
||||
** Make sure only authorized users can preview PHP pages.
|
||||
*/
|
||||
|
||||
if ($op == t("Preview")) {
|
||||
if (user_access("create php content")) {
|
||||
$node->body = stripslashes($node->body); // see also book_form()
|
||||
}
|
||||
else {
|
||||
// Make sure only authorized users can preview PHP pages.
|
||||
if ($op == t("Preview") && !user_access("create php content")) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
ob_start();
|
||||
eval($node->body);
|
||||
|
|
|
@ -200,12 +200,6 @@ function book_form(&$node, &$help, &$error) {
|
|||
|
||||
$output = form_select(t("Parent"), "parent", $node->parent, book_toc(), t("The parent subject or category the page belongs in."));
|
||||
|
||||
if ($node->format) {
|
||||
if ($op != t("Preview")) {
|
||||
$node->body = addslashes($node->body);
|
||||
}
|
||||
}
|
||||
|
||||
if (function_exists("taxonomy_node_form")) {
|
||||
$output .= implode("", taxonomy_node_form("book", $node));
|
||||
}
|
||||
|
@ -341,18 +335,10 @@ function book_body($node) {
|
|||
global $op;
|
||||
|
||||
if ($node->format == 1) {
|
||||
/*
|
||||
** Make sure only authorized users can preview PHP pages.
|
||||
*/
|
||||
|
||||
if ($op == t("Preview")) {
|
||||
if (user_access("create php content")) {
|
||||
$node->body = stripslashes($node->body); // see also book_form()
|
||||
}
|
||||
else {
|
||||
// Make sure only authorized users can preview PHP pages.
|
||||
if ($op == t("Preview") && !user_access("create php content")) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
ob_start();
|
||||
eval($node->body);
|
||||
|
|
Loading…
Reference in New Issue