]> ruin.nu Git - ndwebbie.git/commitdiff
projects / ndwebbie.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 286e757)
escape previews
authorMichael Andreen <harv@ruin.nu>
Mon, 29 Jan 2007 22:13:03 +0000 (22:13 +0000)
committerMichael Andreen <harv@ruin.nu>
Mon, 29 Jan 2007 22:13:03 +0000 (22:13 +0000)
ND/Web/Forum.pm patch | blob | history

diff --git a/ND/Web/Forum.pm b/ND/Web/Forum.pm
index 76adfb2915560654bf96268d48d6d32751204605..a7804744ddf7bab6a02e944e14d2e742c12ba463 100644 (file)
--- a/ND/Web/Forum.pm
+++ b/ND/Web/Forum.pm
@@ -58,7 +58,7 @@ ORDER BY fp.time ASC
                my $text = parseMarkup(escapeHTML(param('message')));
                $text .= p b $@ if $@;
                push @posts,{message => $text, unread => 1, username => 'PREVIEW', Time => 'Not submitted yet', NewPosts => $old ? 1 : 0};
-               $template->param(Message => param('message'));
+               $template->param(Message => escapeHTML param('message'));
        }
        $template->param(Posts => \@posts);
 
The ND webbie, with scripts and database schemas