$parser = new XML_HTMLSax();
$parser->set_object($handler);
$parser->set_element_handler('openHandler','closeHandler');
-
+
$my_files = array();
$parser->parse($body);
$my_files = array_unique($my_files);
$a4a = new A4a($cid);
$db_primary_resources = $a4a->getPrimaryResources();
-
+
// clean up the removed resources
foreach ($db_primary_resources as $primary_rid=>$db_resource){
//if this file from our table is not found in the $resource, then it's not used.
// save all changes to the DB
function save_changes($redir, $current_tab) {
- global $contentManager, $db, $addslashes, $msg;
+ global $contentManager, $db, $addslashes, $msg, $stripslashes;
$_POST['pid'] = intval($_POST['pid']);
$_POST['cid'] = intval($_POST['cid']);
$_POST['title'] = trim($_POST['title']);
$_POST['head'] = trim($_POST['head']);
$_POST['use_customized_head'] = isset($_POST['use_customized_head'])?$_POST['use_customized_head']:0;
- $_POST['body_text'] = trim($_POST['body_text']);
+ $_POST['body_text'] = $stripslashes(trim($_POST['body_text']));
$_POST['weblink_text'] = trim($_POST['weblink_text']);
$_POST['formatting'] = intval($_POST['formatting']);
- $_POST['keywords'] = trim($_POST['keywords']);
+ $_POST['keywords'] = $stripslashes(trim($_POST['keywords']));
$_POST['test_message'] = trim($_POST['test_message']);
$_POST['allow_test_export'] = intval($_POST['allow_test_export']);
$msg->addFeedback('FILE_PASTED');
} else if ($ext == 'txt') {
$_POST['body_text'] = file_get_contents($_FILES['uploadedfile_paste']['tmp_name']);
- //LAW
-// debug($_POST);
$msg->addFeedback('FILE_PASTED');
}
$msg->addFeedback('NO_A4A_FOR_PLAIN_TEXT');
$msg->printAll();
} else {
- global $db, $content_row;
- populate_a4a($cid, $_POST['body_text'], $_POST['formatting']);
+ global $db, $content_row, $stripslashes;
+ populate_a4a($cid, $stripslashes($_POST['body_text']), $_POST['formatting']);
include_once(AT_INCLUDE_PATH.'../mods/_core/imsafa/classes/A4a.class.php');