@ -229,13 +229,13 @@ class MessageManager
}
if (!empty($receiver_user_id) || !empty($group_id)) {
// message for user friend
$subject = api_convert_encoding($subject, $charset, 'utf-8' );
$subject = api_convert_encoding($subject, $charset);
$subject = Database::escape_string($subject);
$content = api_convert_encoding($content, $charset, 'utf-8' );
$content = api_convert_encoding($content, $charset);
$content = Database::escape_string($content);
$content = Security::remove_XSS($content);
//$content = Security::remove_XSS($content);
//useless query
//echo $sql = "SELECT COUNT(*) as count FROM $table_message WHERE user_sender_id = ".$user_sender_id." AND user_receiver_id='$receiver_user_id' AND title = '$title' AND content ='$content' AND group_id = '$group_id' AND parent_id = '$parent_id'";
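Review bot: With `Security::remove_XSS($content)` commented out in this hunk (the +/- markers are lost on this page, so the side is inferred from print order), message content is stored with SQL escaping only, and every view that prints it must filter on output. The hunk at -607 drops one line, and the only filter visible there is `$result[2] = Security::remove_XSS($result[2]);`; if that is the dropped line, confirm that another output path still sanitises the stored fields, otherwise this becomes a stored-XSS path. `$subject` gets no XSS filtering in this hunk on either side. I would delete the commented-out call rather than leave it, and put `// content is stored unfiltered; pass it through Security::remove_XSS() before any HTML output` in its place. The enclosing method starts and ends outside the hunk.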
@ -607,7 +607,6 @@ class MessageManager
}
$class = 'class = "read"';
$result[2] = Security::remove_XSS($result[2]);
if ($request===true) {
@ -765,6 +764,7 @@ class MessageManager
*/
public static function show_message_box_sent () {
global $charset;
$table_message = Database::get_main_table(TABLE_MESSAGE);
$tbl_message_attach = Database::get_main_table(TABLE_MESSAGE_ATTACHMENT);