diff --git a/lib/function.php b/lib/function.php index 5696e7c..4fa0b86 100644 --- a/lib/function.php +++ b/lib/function.php @@ -1070,6 +1070,7 @@ function moodlist($sel = 0, $return = false) { if ($return) return $a; $c[$sel] = " checked"; + $ret = ""; if ($log && $loguser['moodurl']) $ret = ' @@ -1093,8 +1094,8 @@ function moodlist($sel = 0, $return = false) { foreach($a as $num => $name) { $jsclick = (($log && $loguser['moodurl']) ? "onclick='avatarpreview($loguserid,$num)'" : ""); - $ret .= " -
\r\n"; + $ret .= " +
\r\n"; } if (!$sel || !$log || !$loguser['moodurl']) diff --git a/lib/threadpost.php b/lib/threadpost.php index 052e0ec..492b3c5 100644 --- a/lib/threadpost.php +++ b/lib/threadpost.php @@ -40,7 +40,7 @@ $post['text']=doreplace2($post['text'], $post['options']); // if (strpos($post['text'], "http://hyperhacker.no-ip.org/b/smilies/lolface.png") || strpos($post['text'], "images/smilies/roflx.gif")) $post['text'] = "

(Excessive post content hidden)"; - if ($post['editdate']) { + if (filter_int($post['editdate'])) { $post['edited'] = " (last edited by {$post['edited']} at ".date($dateformat,$post['editdate']+$tzoff).")"; } @@ -80,12 +80,12 @@ } if($loguser['viewsig']!=2){ - if($headid=$post['headid']) { + if($headid=filter_int($post['headid'])) { // just in case if($postl[$headid] === NULL) $postl[$headid]=$sql->resultq("SELECT text FROM postlayouts WHERE id=$headid"); $post['headtext']=$postl[$headid]; } - if($signid=$post['signid']) { + if($signid=filter_int($post['signid'])) { // just in case if($postl[$signid] === NULL) $postl[$signid]=$sql->resultq("SELECT text FROM postlayouts WHERE id=$signid"); $post['signtext']=$postl[$signid]; diff --git a/tlayouts/regular.php b/tlayouts/regular.php index ef6819d..4bf178f 100644 --- a/tlayouts/regular.php +++ b/tlayouts/regular.php @@ -54,7 +54,7 @@ } - $reinf=syndrome($post['act']); + $reinf=syndrome(filter_int($post['act'])); if ($post['lastposttime']) { $sincelastpost = 'Since last post: '.timeunits(ctime()-$post['lastposttime']);