[svn r20801] minor - logic changes - replace COURSEMANAGER by COURSEMANAGERLOWSECURITY in message tool - (partial FS#3909)

16 years ago · c49056ed7f
parent e91126a20c
commit c49056ed7f
2 changed files with 2 additions and 2 deletions
--- a/main/messages/inbox.php
+++ b/main/messages/inbox.php
@ -99,7 +99,7 @@ if (isset($_GET['form_reply']) || isset($_GET['form_delete'])) {
 		$title     = api_convert_encoding(urldecode($info_reply[0]),'UTF-8',$charset);
 		$content   = api_convert_encoding(str_replace("\\","",urldecode($info_reply[1])),'UTF-8',$charset);
 		$title     = Security::remove_XSS($title);
-		$content   = Security::remove_XSS($content,COURSEMANAGER);
+		$content   = Security::remove_XSS($content,COURSEMANAGERLOWSECURITY);

 		$user_reply= $info_reply[2];
 		$user_email_base=str_replace(')','(',$info_reply[5]);
--- a/main/messages/send_message.php
+++ b/main/messages/send_message.php
@ -37,7 +37,7 @@ if (api_is_anonymous()) {

 $user_id=intval($_POST['user_id']);
 $panel_id=intval($_POST['panel_id']);
-$content_message=Security::remove_XSS($_POST['txt_content'],COURSEMANAGER); //check this is filtered on output
+$content_message=Security::remove_XSS($_POST['txt_content'],COURSEMANAGERLOWSECURITY); //check this is filtered on output
 $subject_message=Security::remove_XSS($_POST['txt_subject']); //check this is filtered on output
 $user_info=array();
 $user_info=api_get_user_info($user_id);