aboutsummaryrefslogtreecommitdiff
path: root/guestbook
diff options
context:
space:
mode:
authorFrankie B <floppydisk05@aol.com>2022-10-02 17:56:56 +0000
committerFrankie B <floppydisk05@aol.com>2022-10-02 17:56:56 +0000
commitf01a1aaf1e6a518f944133306b69abc2cf24f83b (patch)
treec040d90c2af7cf91b594ca544afd374d9b115cfe /guestbook
parent8f756be28b8dfed1f2fc5bee4fb8bb4f54654c5b (diff)
h
Diffstat (limited to 'guestbook')
-rwxr-xr-xguestbook/index.php2
-rwxr-xr-xguestbook/submit.php10
2 files changed, 6 insertions, 6 deletions
diff --git a/guestbook/index.php b/guestbook/index.php
index a24c235..9cf3fdb 100755
--- a/guestbook/index.php
+++ b/guestbook/index.php
@@ -6,7 +6,7 @@
<?php require('../inc/head.html'); ?>
<!-- Page-specific -->
- <title>Bookmarks</title>
+ <title>Guestbook</title>
<!--<link rel="shortcut icon" href="../res/img/icons/ico/calc.ico" type="image/x-icon">-->
<meta property="og:title" content="Guestbook">
<meta property="og:description" content="h">
diff --git a/guestbook/submit.php b/guestbook/submit.php
index 67659a6..a2b04cf 100755
--- a/guestbook/submit.php
+++ b/guestbook/submit.php
@@ -6,7 +6,7 @@
<?php require('../inc/head.html'); ?>
<!-- Page-specific -->
- <title>Bookmarks</title>
+ <title>Guestbook</title>
<!--<link rel="shortcut icon" href="../res/img/icons/ico/calc.ico" type="image/x-icon">-->
<!--<meta property="og:image" content="/res/img/icons/png/computer.png">-->
</head>
@@ -17,13 +17,13 @@
<div id="pagebody">
<div id="content">
<?php
- // Open the DB
- if ($_POST['name'] === "" || $_POST['message'] === "") {
+ $name = strip_tags($_POST["name"]);
+ $msg = strip_tags($_POST["message"]);
+ if ($msg === "" || $name === "" || strip_tags(htmlspecialchars_decode($msg)) === "") {
echo '<b>You must provide both a name and message!</b>';
} else {
$db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db");
- $name = $_POST["name"];
- $msg = strip_tags($_POST["message"]);
+
$showinfo = isset($_POST["showinfo"]) ? true : false;
$showip = isset($_POST["showip"]) ? true : false;
$ip = $_SERVER['REMOTE_ADDR'];