appdb/. addcomment.php

[WineHQ]

ChangeSet ID:	26321
CVSROOT:	/opt/cvs-commit
Module name:	appdb
Changes by:	wineowner at winehq.org	2006/07/07 11:22:04

Modified files:
	.              : addcomment.php 

Log message:
	Jonathan Ernst <jonathan at ernstfamily.ch>
	Enable filtering in addcomment.php

Patch: http://cvs.winehq.org/patch.py?id=26321

Old revision  New revision  Changes     Path
 1.31          1.32          +1 -15      appdb/addcomment.php

Index: appdb/addcomment.php
diff -u -p appdb/addcomment.php:1.31 appdb/addcomment.php:1.32
--- appdb/addcomment.php:1.31	7 Jul 2006 16:22: 4 -0000
+++ appdb/addcomment.php	7 Jul 2006 16:22: 4 -0000
@@ -14,16 +14,10 @@
 // application environment
 include("path.php");
 require(BASE."include/incl.php");
+require(BASE."include/filter.php");
 require(BASE."include/application.php");
 require(BASE."include/mail.php");
 
-$aClean = array(); //array of filtered user input
-
-$aClean['iVersionId'] = makeSafe($_REQUEST['iVersionId']);
-$aClean['iThread'] = makeSafe($_REQUEST['iThread']);
-$aClean['sBody'] = makeSafe($_REQUEST['sBody']);
-$aClean['sSubject'] = makeSafe($_REQUEST['sSubject']);
-
 // you must be logged in to submit comments
 if(!$_SESSION['current']->isLoggedIn())
 {
@@ -32,14 +26,6 @@ if(!$_SESSION['current']->isLoggedIn())
   exit;
 }
 
-if( !is_numeric($aClean['iVersionId']) )
-    util_show_error_page_and_exit('Internal Database Access Error');
-
-if(!is_numeric($aClean['iThread']))
-{
-  $aClean['iThread'] = 0;
-}
-
 // the user submitted his comment
 if(!empty($aClean['sBody']))
 {