-rwxr-xr-xguestbook/index.php3
-rwxr-xr-xguestbook/submit.php5
2 files changed, 1 insertions, 7 deletions
diff --git a/guestbook/index.php b/guestbook/index.php
index 8ca20d5..3af0e6e 100755
--- a/guestbook/index.php
+++ b/guestbook/index.php
@@ -28,9 +28,6 @@
</form>
<?php
- ini_set('display_errors', 1);
- ini_set('display_startup_errors', 1);
- error_reporting(E_ALL);
// Pain
$count_query = $db->prepare('SELECT COUNT(*) FROM Entries');
$count_query->execute();
diff --git a/guestbook/submit.php b/guestbook/submit.php
index 9187223..8c38dca 100755
--- a/guestbook/submit.php
+++ b/guestbook/submit.php
@@ -17,16 +17,13 @@
<div id="pagebody">
<div id="content">
<?php
- ini_set('display_errors', 1);
- ini_set('display_startup_errors', 1);
- error_reporting(E_ALL);
// Open the DB
if ($_POST['name'] === "" || $_POST['message'] === "") {
echo '<b>You must provide both a name and message!</b>';
} else {
$db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db");
$name = $_POST["name"];
- $msg = strip_tags($_POST["message"]);
+ $msg = htmlspecialchars($_POST["message"]);
$showinfo = isset($_POST["showinfo"]) ? true : false;
$showip = isset($_POST["showip"]) ? true : false;
$ip = $_SERVER['REMOTE_ADDR'];
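Review bot: The name field at `$name = $_POST["name"];` is still stored with no encoding while only the message goes through htmlspecialchars(), so whether a name containing markup is displayed safely depends entirely on how index.php prints it, which this hunk does not show. Either encode both fields the same way, e.g. `$name = htmlspecialchars($_POST["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, or, preferably, store both values raw and escape them where index.php outputs them, so the database keeps the original text. Passing the flags and charset explicitly matters for the message line too, because before PHP 8.1 the default flags leave single quotes unescaped. Separately, the `=== ""` guard lets a request through when a field is absent (a missing key is null, not ""), and with display_errors removed the resulting warning is no longer visible; `($_POST['name'] ?? '') === ''` would cover that case. The else branch continues past the end of the hunk.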