Fix #102 - strip tags when saving incident
This commit is contained in:
parent
9eba848423
commit
570895c7bd
|
@ -83,8 +83,8 @@ class Incident implements JsonSerializable
|
||||||
global $mysqli, $message;
|
global $mysqli, $message;
|
||||||
$user_id = $_SESSION['user'];
|
$user_id = $_SESSION['user'];
|
||||||
$type = $_POST['type'];
|
$type = $_POST['type'];
|
||||||
$title = $_POST['title'];
|
$title = strip_tags($_POST['title']);
|
||||||
$text = $_POST['text'];
|
$text = strip_tags($_POST['text'], '<br>');
|
||||||
|
|
||||||
if (strlen($title)==0)
|
if (strlen($title)==0)
|
||||||
{
|
{
|
||||||
|
@ -217,4 +217,4 @@ class Incident implements JsonSerializable
|
||||||
"username" => $this->username
|
"username" => $this->username
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue