diff --git a/includes/comment.inc b/includes/comment.inc index dc5bbd48a75..d5ccda1125c 100644 --- a/includes/comment.inc +++ b/includes/comment.inc @@ -55,14 +55,14 @@ function comment_form($edit) { $form .= form_item(t("Your name"), format_username($user->userid)); // subject field: - $form .= form_textfield(t("Subject"), "subject", check_output($edit[subject]), 50, 60); + $form .= form_textfield(t("Subject"), "subject", $edit[subject], 50, 64); // comment field: - $form .= form_textarea(t("Comment"), "comment", check_output($edit[comment] ? $edit[comment] : $user->signature), 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", ""))); + $form .= form_textarea(t("Comment"), "comment", $edit[comment] ? $edit[comment] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", ""))); // preview button: - $form .= form_hidden("pid", check_output($edit[pid])); - $form .= form_hidden("id", check_output($edit[id])); + $form .= form_hidden("pid", $edit[pid]); + $form .= form_hidden("id", $edit[id]); if (!$edit[comment]) { $form .= form_submit(t("Preview comment")); diff --git a/includes/node.inc b/includes/node.inc index 47a317547dd..b882d074035 100644 --- a/includes/node.inc +++ b/includes/node.inc @@ -234,13 +234,10 @@ function node_index($node) { return $node->attributes ? implode(" / ", node_attributes_view($node->attributes)) : " "; } -function node_visible($node) { +function node_access($node) { global $user, $status; return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access("administer nodes"); } -function node_access($account, $node) { - return strstr($node->moderate, $account->userid); -} ?> \ No newline at end of file diff --git a/node.php b/node.php index 45fd14162a3..afb9472b809 100644 --- a/node.php +++ b/node.php @@ -91,7 +91,7 @@ if ($number > 1) { $result = db_query("SELECT n.*, u.userid FROM node n LEFT JOIN users u ON n.author = u.id WHERE n.title = '$title'"); while ($node = db_fetch_object($result)) { - if (node_visible($node)) { + if (node_access($node)) { $output .= "

nid\">". check_output($node->title) ."
$node->type - ". format_username($node->userid) ." - ". format_date($node->timestamp, "small") ."

"; } } @@ -102,7 +102,7 @@ if ($number > 1) { } elseif ($number) { $node = ($title ? node_get_object(array("title" => $title)) : node_get_object(array("nid" => ($edit[id] ? $edit[id] : $id)))); - if ($node && node_visible($node)) { + if ($node && node_access($node)) { switch ($op) { case "history": $theme->header();