diff options
| author | Friendika <info@friendika.com> | 2011-06-23 15:58:43 -0700 |
|---|---|---|
| committer | Friendika <info@friendika.com> | 2011-06-23 15:58:43 -0700 |
| commit | 5633430a19624423ddd98655518d8a765f081230 (patch) | |
| tree | bf954c96cfb9de5a99bc5a4a8f0b08782be788a2 /mod | |
| parent | 0e809b930173e284bf4abaa958616b4d3aa9ed07 (diff) | |
| download | volse-hubzilla-5633430a19624423ddd98655518d8a765f081230.tar.gz volse-hubzilla-5633430a19624423ddd98655518d8a765f081230.tar.bz2 volse-hubzilla-5633430a19624423ddd98655518d8a765f081230.zip | |
don't allow tags in app source
Diffstat (limited to 'mod')
| -rw-r--r-- | mod/item.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/mod/item.php b/mod/item.php index 9d7b954a8..22eba7b3f 100644 --- a/mod/item.php +++ b/mod/item.php @@ -61,7 +61,7 @@ function item_post(&$a) { $profile_uid = ((x($_POST,'profile_uid')) ? intval($_POST['profile_uid']) : 0); $post_id = ((x($_POST['post_id'])) ? intval($_POST['post_id']) : 0); - $app = ((x($_POST['source'])) ? notags($_POST['source']) : ''); + $app = ((x($_POST['source'])) ? strip_tags($_POST['source']) : ''); if(! can_write_wall($a,$profile_uid)) { notice( t('Permission denied.') . EOL) ; |