diff options
| author | Frankie B <floppydisk05@aol.com> | 2022-10-02 17:56:56 +0000 |
|---|---|---|
| committer | Frankie B <floppydisk05@aol.com> | 2022-10-02 17:56:56 +0000 |
| commit | f01a1aaf1e6a518f944133306b69abc2cf24f83b (patch) | |
| tree | c040d90c2af7cf91b594ca544afd374d9b115cfe /guestbook/submit.php | |
| parent | 8f756be28b8dfed1f2fc5bee4fb8bb4f54654c5b (diff) | |
h
Diffstat (limited to 'guestbook/submit.php')
| -rwxr-xr-x | guestbook/submit.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/guestbook/submit.php b/guestbook/submit.php index 67659a6..a2b04cf 100755 --- a/guestbook/submit.php +++ b/guestbook/submit.php @@ -6,7 +6,7 @@ <?php require('../inc/head.html'); ?> <!-- Page-specific --> - <title>Bookmarks</title> + <title>Guestbook</title> <!--<link rel="shortcut icon" href="../res/img/icons/ico/calc.ico" type="image/x-icon">--> <!--<meta property="og:image" content="/res/img/icons/png/computer.png">--> </head> @@ -17,13 +17,13 @@ <div id="pagebody"> <div id="content"> <?php - // Open the DB - if ($_POST['name'] === "" || $_POST['message'] === "") { + $name = strip_tags($_POST["name"]); + $msg = strip_tags($_POST["message"]); + if ($msg === "" || $name === "" || strip_tags(htmlspecialchars_decode($msg)) === "") { echo '<b>You must provide both a name and message!</b>'; } else { $db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db"); - $name = $_POST["name"]; - $msg = strip_tags($_POST["message"]); + $showinfo = isset($_POST["showinfo"]) ? true : false; $showip = isset($_POST["showip"]) ? true : false; $ip = $_SERVER['REMOTE_ADDR']; |