Project

General

Profile

« Previous | Next » 

Revision 1457

Added by Dietmar almost 13 years ago

Preparing 2.8.2 stable, last tests

View differences:

submit_comment.php
19 19 
// Include config file
20 20 
require('../../config.php');
21 21 

  		




  22
  
  
    
/*overwrite php.ini on Apache servers for valid SESSION ID Separator


  		




  
  22
  
    
/*


  		




  
  23
  
    
overwrite php.ini on Apache servers for valid SESSION ID Separator


  		




  23
  24
  
    
if(function_exists('ini_set')) {


  		




  24
  25
  
    
	ini_set('arg_separator.output', '&');


  		




  25
  26
  
    
}


  		




  ......




  27
  28
  
    

  		




  28
  29
  
    
require_once(WB_PATH.'/framework/class.wb.php');


  		




  29
  30
  
    
$wb = new wb;


  		




  
  31
  
    

  		




  
  32
  
    
/*


  		




  30
  33
  
    
$post_id = (int)$_GET['post_id'];


  		




  31
  34
  
    
$section_id = (int)$_GET['section_id'];


  		




  32
  35
  
    
if (!$wb->checkFTAN())


  		




  33
  36
  
    
{


  		




  34
  
  
    
	$wb->print_error('SC5::'.$MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL."/modules/news/comment.php?post_id=".$post_id."&section_id=".$section_id);


  		




  35
  
  
    
	exit();


  		




  
  37
  
    
	$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL."/modules/news/comment.php?post_id=".$post_id."&section_id=".$section_id);


  		




  36
  38
  
    
}


  		




  
  39
  
    
 */


  		




  
  40
  
    
// Get page id


  		




  
  41
  
    
	$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);


  		




  
  42
  
    
	$page_id = intval(isset(${$requestMethod}['page_id'])) ? ${$requestMethod}['page_id'] : (isset($page_id) ? intval($page_id) : 0);


  		




  
  43
  
    
// Get post_id


  		




  
  44
  
    
	$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);


  		




  
  45
  
    
	$post_id = (intval(isset(${$requestMethod}['post_id'])) ? ${$requestMethod}['post_id'] : (isset($post_id) ? intval($post_id) : 0));


  		




  
  46
  
    
// Get section id if there is one


  		




  
  47
  
    
	$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);


  		




  
  48
  
    
	$section_id = intval(isset(${$requestMethod}['section_id'])) ? ${$requestMethod}['section_id'] : (isset($section_id) ? intval($section_id) : 0);


  		




  37
  49
  
    

  		




  38
  50
  
    
// Check if we should show the form or add a comment


  		




  39
  51
  
    
if(isset($_GET['page_id']) AND is_numeric($_GET['page_id'])


  		




  ......




  56
  68
  
    
	// do not allow droplets in user input!


  		




  57
  69
  
    
	$title = str_replace(array("[[", "]]"), array("[[", "]]"), $title);


  		




  58
  70
  
    
	$comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment);


  		




  
  71
  
    

  		




  59
  72
  
    
	$page_id = (int)$_GET['page_id'];


  		




  60
  73
  
    
	$section_id = (int)$_GET['section_id'];


  		




  61
  74
  
    
	$post_id = (int)$_GET['post_id'];


  		




  ......




  160
  173
  
    
	    exit( 0 );


  		




  161
  174
  
    
    }


  		




  162
  175
  
    
}


  		




  163
  
  
    

  		




  164
  
  
    
?>


  		




  165
  176
  
    

  		












Also available in:  Unified diff