Changeset 148
- Timestamp:
- 2008-05-14 17:16:47 (8 months ago)
- Files:
-
- trunk/classes/misc/Post.php (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
trunk/classes/misc/Post.php
r144 r148 371 371 if ($show_orig === 'newtopic' || $show_orig === 'newpoll') { 372 372 @$C->query('LOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'topics'); 373 $subject = trim($subject);373 $subject = $F->htmlentities(trim($subject), TRUE); 374 374 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'topics (forum, topictitle, poll) values (:id, :subject, :poll)'); 375 375 $q->bindParam(':id', $forum, PDO::PARAM_INT,12); … … 477 477 $q->bindParam(':rec', $row2->memberemail, PDO::PARAM_STR); 478 478 $q->bindParam(':subj', $LANG['mail_notification_subject'], PDO::PARAM_STR); 479 $q->bindParam(':body', str_replace(Array('%topictitle%', '%topic%', '%page%'), $_title, $reply, $page), $LANG['mail_notification_body']);479 $q->bindParam(':body', str_replace(Array('%topictitle%', '%topic%', '%page%'), Array($_title, $reply, $page), $LANG['mail_notification_body'])); 480 480 $q->execute(); 481 481 $q = NULL;
