[pLog-svn] r2462 - plog/branches/plog-1.0.2/templates/summary
Reto Hugi
plog at hugi.to
Sun Sep 11 15:51:13 GMT 2005
On 11.09.2005 17:20, Mark Wu wrote:
> Hi Jon:
>
> I think we can change
>
> $this->_commentTopic = trim($this->_request->getValue( "commentTopic" ));
>
> To
>
> $this->_commentTopic = trim(Textfilter::filterAllHTML($this->_request->getValue( "commentTopic" )));
>
> It will be easier. Or we have to modify "All" template sets, that will be a
> big challenge for us :P
>
> Mark
Yes, and please consider that it's better to apply security-relevant
filtering before storage. There are already too many (modified)
templates in use, which won't be updated by their users even if they
upgrade to 1.0.2.
reto