Revision 1868
Added by Dietmar over 11 years ago
comment_page.php | ||
---|---|---|
61 | 61 |
$values = array(POST_TITLE, $MOD_NEWS['TEXT_COMMENT']); |
62 | 62 |
echo str_replace($vars, $values, ($settings['comments_page'])); |
63 | 63 |
?> |
64 |
<form name="comment" action="<?php echo WB_URL.'/modules/news/submit_comment.php?page_id='.PAGE_ID.'&section_id='.SECTION_ID.'&post_id='.POST_ID; ?>" method="post">
|
|
64 |
<form action="<?php echo WB_URL.'/modules/news/submit_comment.php?page_id='.PAGE_ID.'&section_id='.SECTION_ID.'&post_id='.POST_ID; ?>" method="post"> |
|
65 | 65 |
<?php if(ENABLED_ASP) { // add some honeypot-fields |
66 | 66 |
?> |
67 | 67 |
<input type="hidden" name="submitted_when" value="<?php $t=time(); echo $t; $_SESSION['submitted_when']=$t; ?>" /> |
Also available in: Unified diff
! change mysql_esc_string to WbDatabase::getInstance()->escapeStrinng()