[pLog-svn] r5679 - plog/branches/lifetype-1.2/class/action/admin

oscar at devel.lifetype.net oscar at devel.lifetype.net
Wed Jul 18 17:58:25 EDT 2007 

Author: oscar
Date: 2007-07-18 17:58:25 -0400 (Wed, 18 Jul 2007)
New Revision: 5679

Modified:
   plog/branches/lifetype-1.2/class/action/admin/admineditcommentsaction.class.php
Log:
escaped the search terms before they are displayed in the page


Modified: plog/branches/lifetype-1.2/class/action/admin/admineditcommentsaction.class.php
===================================================================
--- plog/branches/lifetype-1.2/class/action/admin/admineditcommentsaction.class.php	2007-07-18 21:33:03 UTC (rev 5678)
+++ plog/branches/lifetype-1.2/class/action/admin/admineditcommentsaction.class.php	2007-07-18 21:58:25 UTC (rev 5679)
@@ -4,6 +4,7 @@
     lt_include( PLOG_CLASS_PATH."class/view/admin/adminarticlecommentslistview.class.php" );
 	lt_include( PLOG_CLASS_PATH."class/view/admin/adminpostslistview.class.php" );
     lt_include( PLOG_CLASS_PATH."class/data/validator/integervalidator.class.php" );
+    lt_include( PLOG_CLASS_PATH."class/data/filter/htmlspecialcharsfilter.class.php" );
 	
     /**
      * \ingroup Action
@@ -46,6 +47,8 @@
 			$showStatus = $this->_request->getValue( "showStatus" );
 			$searchTerms = $this->_request->getvalue( "searchTerms" );
 			
+			$f = new HtmlSpecialCharsFilter();
+			
 			if( $articleId && $articleId > 0 ) {
 				$articles = new Articles();
 				$article = $articles->getBlogArticle( $articleId, $this->_blogInfo->getId());
@@ -56,13 +59,13 @@
 				else
 					$this->_view = new $this->_viewClass( $this->_blogInfo, Array( "article" => $article,
 																				   "showStatus" => $showStatus,
-																				   "searchTerms" => $searchTerms ));
+																				   "searchTerms" => $f->filter( $searchTerms )));
 			}
 			else {
 				// if there is no article id, then we will show all comments from all posts...
 				$this->_view = new $this->_viewClass( $this->_blogInfo, Array( "article" => null,
 																			   "showStatus" => $showStatus,
-																			   "searchTerms" => $searchTerms ));					
+																			   "searchTerms" => $f->filter( $searchTerms )));					
 			}
 			
             $this->setCommonData();

More information about the pLog-svn mailing list