From 0e468d936579bdcb0ca77257ba900c620ac10e86 Mon Sep 17 00:00:00 2001 From: Julio Montoya Date: Wed, 17 Feb 2010 11:18:13 -0500 Subject: [PATCH] Avoid Security::remove_XSS partial CT#586 --- main/forum/reply.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main/forum/reply.php b/main/forum/reply.php index 3e94b20416..bc5a8bc9f2 100755 --- a/main/forum/reply.php +++ b/main/forum/reply.php @@ -215,7 +215,7 @@ $my_elements = isset($_SESSION['formelements']) ? $_SESSION['formelements'] : '' $values=show_add_post_form(Security::remove_XSS($my_action,$my_post, $my_elements)); // note: this has to be cleaned first if (!empty($values) AND isset($_POST['SubmitPost'])) { - store_reply($values); + store_reply(Security::remove_XSS($values)); } /*