diff options
Diffstat (limited to 'mod/item.php')
-rw-r--r-- | mod/item.php | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/mod/item.php b/mod/item.php index 659afef68..1c0c6c53b 100644 --- a/mod/item.php +++ b/mod/item.php @@ -343,8 +343,9 @@ function item_post(&$a) { $coord = $orig_post['coord']; $verb = $orig_post['verb']; $app = $orig_post['app']; - $title = $_REQUEST['title']; - $body = $_REQUEST['body']; + $title = escape_tags(trim($_REQUEST['title'])); + $body = trim($_REQUEST['body']); + $item_flags = $orig_post['item_flags']; $item_origin = $orig_post['item_origin']; $item_unseen = $orig_post['item_unseen']; @@ -832,7 +833,7 @@ function item_post(&$a) { if(array_key_exists('item_private',$datarray) && $datarray['item_private']) { - $datarray['body'] = z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype']); + $datarray['body'] = trim(z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype'])); if($uid) { if($channel['channel_hash'] === $datarray['author_xchan']) { @@ -1137,7 +1138,7 @@ function fix_attached_file_permissions($channel,$observer_hash,$body, } function item_check_service_class($channel_id,$iswebpage) { - $ret = array('success' => false, $message => ''); + $ret = array('success' => false, 'message' => ''); if ($iswebpage) { $r = q("select count(i.id) as total from item i |