[pLog-svn] r2462 - plog/branches/plog-1.0.2/templates/summary
Oscar Renalias
oscar at renalias.net
Sun Sep 11 16:24:49 GMT 2005
I agree.
Oscar
On 11 Sep 2005, at 18:51, Reto Hugi wrote:
> On 11.09.2005 17:20, Mark Wu wrote:
>
>> Hi Jon:
>>
>> I think we can change
>>
>> $this->_commentTopic = trim($this->_request->getValue
>> ( "commentTopic" ));
>>
>> To
>>
>> $this->_commentTopic =
>> trim(Textfilter::filterAllHTML($this->_request->getValue
>> ( "commentTopic"
>> )));
>>
>> It will be eaiser. Or we have to modify "All" template sets, that
>> will be a
>> big challenge for us :P
>>
>> Mark
>>
>
>
> yes, and please consider that it's better to apply security relevant
> filtering bevore storage. there are already too many (modified)
> templates in use, which won't be updated by their users even if they
> upgrade to 1.0.2.
>
> reto
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.plogworld.net
> http://devel.plogworld.net/mailman/listinfo/plog-svn
>
>
More information about the pLog-svn
mailing list