diff options
Diffstat (limited to 'guestbook')
-rwxr-xr-x | guestbook/index.php | 2 | ||||
-rwxr-xr-x | guestbook/submit.php | 10 |
2 files changed, 6 insertions, 6 deletions
diff --git a/guestbook/index.php b/guestbook/index.php index a24c235..9cf3fdb 100755 --- a/guestbook/index.php +++ b/guestbook/index.php @@ -6,7 +6,7 @@ <?php require('../inc/head.html'); ?> <!-- Page-specific --> - <title>Bookmarks</title> + <title>Guestbook</title> <!--<link rel="shortcut icon" href="../res/img/icons/ico/calc.ico" type="image/x-icon">--> <meta property="og:title" content="Guestbook"> <meta property="og:description" content="h"> diff --git a/guestbook/submit.php b/guestbook/submit.php index 67659a6..a2b04cf 100755 --- a/guestbook/submit.php +++ b/guestbook/submit.php @@ -6,7 +6,7 @@ <?php require('../inc/head.html'); ?> <!-- Page-specific --> - <title>Bookmarks</title> + <title>Guestbook</title> <!--<link rel="shortcut icon" href="../res/img/icons/ico/calc.ico" type="image/x-icon">--> <!--<meta property="og:image" content="/res/img/icons/png/computer.png">--> </head> @@ -17,13 +17,13 @@ <div id="pagebody"> <div id="content"> <?php - // Open the DB - if ($_POST['name'] === "" || $_POST['message'] === "") { + $name = strip_tags($_POST["name"]); + $msg = strip_tags($_POST["message"]); + if ($msg === "" || $name === "" || strip_tags(htmlspecialchars_decode($msg)) === "") { echo '<b>You must provide both a name and message!</b>'; } else { $db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db"); - $name = $_POST["name"]; - $msg = strip_tags($_POST["message"]); + $showinfo = isset($_POST["showinfo"]) ? true : false; $showip = isset($_POST["showip"]) ? true : false; $ip = $_SERVER['REMOTE_ADDR']; |