Browse code

Daten für Autoresponder bei der Ausgabe Filtern, nicht bei der Eingabe

schokokeks.org web services authored on14/09/2013 18:18:01
Showing2 changed files
... ...
@@ -252,7 +252,7 @@ $form .= "<p><input type=\"radio\" name=\"ar_valid_until\" value=\"infinity\" id
252 252
   html_datepicker("ar_valid_until", strtotime($enddate))."</p>";
253 253
 
254 254
 
255
-$subject = $ar['subject'];
255
+$subject = filter_input_general($ar['subject']);
256 256
 if ($subject == NULL)
257 257
   $subject = '';
258 258
 $ar_subject_default_checked = ($subject == NULL) ? ' checked="checked"' : '';
... ...
@@ -263,7 +263,7 @@ $form .= "<h4>Betreffzeile der automatischen Antwort</h4>".
263 263
   "<input type=\"radio\" name=\"ar_subject\" value=\"custom\" id=\"ar_subject_custom\"{$ar_subject_custom_checked} /> ".
264 264
   "<label for=\"ar_subject_custom\">Anderer Betreff:</label> <input type=\"text\" name=\"ar_subject_value\" id=\"ar_subject_value\" value=\"{$subject}\"/></p>";
265 265
 
266
-$message = $ar['message'];
266
+$message = filter_input_general($ar['message']);
267 267
 $form .= "<h4>Inhalt der automatischen Antwort</h4>".
268 268
   "<p><textarea cols=\"80\" rows=\"10\" name=\"ar_message\" id=\"ar_message\">".$ar['message']."</textarea></p>";
269 269
 $quote = $ar['quote'];
... ...
@@ -277,7 +277,7 @@ $form .= "<p><label for=\"ar_quote\">Originalnachricht des Absenders </label>".
277 277
 
278 278
 $ar_from_default_checked = ($ar['fromname'] == NULL) ? ' checked="checked"' : '';
279 279
 $ar_from_custom_checked = ($ar['fromname'] != NULL) ? ' checked="checked"' : '';
280
-$fromname = $ar['fromname'];
280
+$fromname = filter_input_general($ar['fromname']);
281 281
 $form .= "<h4>Absender der automatischen Antwort</h4>".
282 282
   "<p><input type=\"radio\" name=\"ar_from\" value=\"default\" id=\"ar_from_default\"{$ar_from_default_checked} /> <label for=\"ar_from_default\">Nur E-Mail-Adresse</label><br />".
283 283
   "<input type=\"radio\" name=\"ar_from\" value=\"custom\" id=\"ar_from_custom\"{$ar_from_custom_checked} /> <label for=\"ar_from_custom\">Mit Name: </label> ".
... ...
@@ -128,11 +128,11 @@ if ($_GET['action'] == 'edit')
128 128
   }
129 129
 
130 130
   if (isset($_POST['ar_subject']) && $_POST['ar_subject'] == 'custom' && isset($_POST['ar_subject_value']) && chop($_POST['ar_subject_value']) != '') {
131
-    $ar['subject'] = filter_input_general( chop($_POST['ar_subject_value']) );
131
+    $ar['subject'] = chop($_POST['ar_subject_value']);
132 132
   }
133 133
 
134 134
   if (isset($_POST['ar_message'])) {
135
-    $ar['message'] = filter_input_general( $_POST['ar_message'] );
135
+    $ar['message'] = $_POST['ar_message'];
136 136
   }
137 137
 
138 138
   if (isset($_POST['ar_quote'])) {
... ...
@@ -145,7 +145,7 @@ if ($_GET['action'] == 'edit')
145 145
   }
146 146
 
147 147
   if (isset($_POST['ar_from']) && $_POST['ar_from'] == 'custom' && isset($_POST['ar_fromname'])) {
148
-    $ar['fromname'] = filter_input_general( $_POST['ar_fromname']);
148
+    $ar['fromname'] = $_POST['ar_fromname'];
149 149
   }
150 150
     
151 151
   $account['autoresponder'] = $ar;