[pLog-svn] r6503 - plugins/branches/lifetype-1.2/editcomments/class/action
jondaley at devel.lifetype.net
jondaley at devel.lifetype.net
Thu Jun 5 06:51:52 EDT 2008
Author: jondaley
Date: 2008-06-05 06:51:52 -0400 (Thu, 05 Jun 2008)
New Revision: 6503
Modified:
plugins/branches/lifetype-1.2/editcomments/class/action/adminupdatecommentaction.class.php
Log:
we need to manually filter the ids since we are grabbing them in the constructor. a 'real' Filter() would be better, but 1.2 doesn't have very many filters available. We'll need to add them in 2.0
Modified: plugins/branches/lifetype-1.2/editcomments/class/action/adminupdatecommentaction.class.php
===================================================================
--- plugins/branches/lifetype-1.2/editcomments/class/action/adminupdatecommentaction.class.php 2008-06-05 10:49:33 UTC (rev 6502)
+++ plugins/branches/lifetype-1.2/editcomments/class/action/adminupdatecommentaction.class.php 2008-06-05 10:51:52 UTC (rev 6503)
@@ -36,7 +36,8 @@
// articleId is needed, even on a cancel operation
$this->registerFieldValidator("articleId", new IntegerValidator());
- $this->_articleId = $this->_request->getValue( "articleId" );
+ // should use a filter instead
+ $this->_articleId = preg_replace("/[^0-9]/", "", $this->_request->getValue( "articleId" ));
if($this->_op == "updateComment"){
$this->registerFieldValidator("commentId", new IntegerValidator());
@@ -48,8 +49,9 @@
$this->registerFieldValidator("authorUrl", new HttpUrlValidator(), true);
$this->registerFieldValidator("commentDateTime", new StringValidator(false));
$this->registerFieldValidator("commentIp", new StringValidator(false));
-
- $this->_commentId = $this->_request->getValue("commentId");
+
+ // should use a filter instead
+ $this->_commentId = preg_replace("/[^0-9]/", "", $this->_request->getValue("commentId"));
$view = new AdminEditCommentView($this->_blogInfo, $this->_commentId);
$view->setErrorMessage( $this->_locale->tr("pluginEditCommentsInvalidData"));
More information about the pLog-svn
mailing list