Revision 1457
Added by Dietmar almost 13 years ago
submit_comment.php | ||
---|---|---|
19 | 19 |
// Include config file |
20 | 20 |
require('../../config.php'); |
21 | 21 |
|
22 |
/*overwrite php.ini on Apache servers for valid SESSION ID Separator |
|
22 |
/* |
|
23 |
overwrite php.ini on Apache servers for valid SESSION ID Separator |
|
23 | 24 |
if(function_exists('ini_set')) { |
24 | 25 |
ini_set('arg_separator.output', '&'); |
25 | 26 |
} |
... | ... | |
27 | 28 |
|
28 | 29 |
require_once(WB_PATH.'/framework/class.wb.php'); |
29 | 30 |
$wb = new wb; |
31 |
|
|
32 |
/* |
|
30 | 33 |
$post_id = (int)$_GET['post_id']; |
31 | 34 |
$section_id = (int)$_GET['section_id']; |
32 | 35 |
if (!$wb->checkFTAN()) |
33 | 36 |
{ |
34 |
$wb->print_error('SC5::'.$MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL."/modules/news/comment.php?post_id=".$post_id."§ion_id=".$section_id); |
|
35 |
exit(); |
|
37 |
$wb->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], WB_URL."/modules/news/comment.php?post_id=".$post_id."§ion_id=".$section_id); |
|
36 | 38 |
} |
39 |
*/ |
|
40 |
// Get page id |
|
41 |
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']); |
|
42 |
$page_id = intval(isset(${$requestMethod}['page_id'])) ? ${$requestMethod}['page_id'] : (isset($page_id) ? intval($page_id) : 0); |
|
43 |
// Get post_id |
|
44 |
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']); |
|
45 |
$post_id = (intval(isset(${$requestMethod}['post_id'])) ? ${$requestMethod}['post_id'] : (isset($post_id) ? intval($post_id) : 0)); |
|
46 |
// Get section id if there is one |
|
47 |
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']); |
|
48 |
$section_id = intval(isset(${$requestMethod}['section_id'])) ? ${$requestMethod}['section_id'] : (isset($section_id) ? intval($section_id) : 0); |
|
37 | 49 |
|
38 | 50 |
// Check if we should show the form or add a comment |
39 | 51 |
if(isset($_GET['page_id']) AND is_numeric($_GET['page_id']) |
... | ... | |
56 | 68 |
// do not allow droplets in user input! |
57 | 69 |
$title = str_replace(array("[[", "]]"), array("[[", "]]"), $title); |
58 | 70 |
$comment = str_replace(array("[[", "]]"), array("[[", "]]"), $comment); |
71 |
|
|
59 | 72 |
$page_id = (int)$_GET['page_id']; |
60 | 73 |
$section_id = (int)$_GET['section_id']; |
61 | 74 |
$post_id = (int)$_GET['post_id']; |
... | ... | |
160 | 173 |
exit( 0 ); |
161 | 174 |
} |
162 | 175 |
} |
163 |
|
|
164 |
?> |
|
165 | 176 |
Also available in: Unified diff
Preparing 2.8.2 stable, last tests