git.llucax.com Git - software/blitiri.git/commitdiff
Store the sanitized form data when commenting online
author Leandro Lucarella <luca@llucax.com.ar>
Wed, 13 Aug 2008 21:15:38 +0000 (18:15 -0300)
committer Leandro Lucarella <luca@llucax.com.ar>
Mon, 25 Aug 2008 17:41:51 +0000 (14:41 -0300)
When storing a comment, we should use the validated data instead of
the raw one.

blitiri.cgi

index 1ae70ff351bf7dee7432a33492480f5dae3ea763..e69789f900192b66018416aa2d395a6503d3c6f1 100755 (executable)
@@ -1139,7 +1139,8 @@ def handle_cgi():
                                                % (line, desc)
                                valid = False
                if valid:
-                       c = article.add_comment(author, body, link)
+                       c = article.add_comment(form_data.author,
+                                       form_data.body, form_data.link)
                        c.save()
                        cdb = CommentDB(article)
                        cdb.comments = article.comments
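Review bot: In the new `article.add_comment(form_data.author, ...)` call, the raw `author`, `body` and `link` names that the removed line passed are no longer used here, but nothing in this hunk prevents them from being picked up again further down `handle_cgi()`. If they are still assigned above this point, consider dropping those locals (or renaming them with a `raw_` prefix) so that only the `form_data` fields can reach `add_comment()` and `c.save()`. A short comment next to `if valid:` saying that `form_data` holds the validated values would also help, since the hunk alone does not show where they are set.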