From f80612e03b5620c9fe45517bc897d50b6a46580b Mon Sep 17 00:00:00 2001
From: Frankie B <floppydisk05@aol.com>
Date: Sun, 2 Oct 2022 17:13:59 +0000
Subject: Minor crap

---
 guestbook/index.php  | 3 ---
 guestbook/submit.php | 5 +----
 2 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/guestbook/index.php b/guestbook/index.php
index 8ca20d5..3af0e6e 100755
--- a/guestbook/index.php
+++ b/guestbook/index.php
@@ -28,9 +28,6 @@
 		</form>
 
 		<?php
-		ini_set('display_errors', 1);
-		ini_set('display_startup_errors', 1);
-		error_reporting(E_ALL);
 		// Pain
 		$count_query = $db->prepare('SELECT COUNT(*) FROM Entries');
 		$count_query->execute();
diff --git a/guestbook/submit.php b/guestbook/submit.php
index 9187223..8c38dca 100755
--- a/guestbook/submit.php
+++ b/guestbook/submit.php
@@ -17,16 +17,13 @@
 <div id="pagebody">
 	<div id="content">
 		<?php
-		ini_set('display_errors', 1);
-		ini_set('display_startup_errors', 1);
-		error_reporting(E_ALL);
 		// Open the DB
 		if ($_POST['name'] === "" || $_POST['message'] === "") {
 		    echo '<b>You must provide both a name and message!</b>';
 		} else {
 		    $db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db");
 		    $name = $_POST["name"];
-		    $msg = strip_tags($_POST["message"]);
+		    $msg = htmlspecialchars($_POST["message"]);
 		    $showinfo = isset($_POST["showinfo"]) ? true : false;
 		    $showip = isset($_POST["showip"]) ? true : false;
 		    $ip = $_SERVER['REMOTE_ADDR'];
-- 
cgit v1.2.3-54-g00ecf