--- friend.php.OLD Tue Jun 4 16:43:12 2002
+++ friend.php Tue Jun 4 17:28:39 2002
@@ -67,6 +67,10 @@
list($title, $time, $hometext, $bodytext, $topic, $notes, $sid) = mysql_fetch_row($result2);
$result3 = mysql_query("SELECT topictext FROM topics WHERE topicid='$topic'");
list($topictext) = mysql_fetch_row($result3);
+ $yname = removecrlf($yname);
+ $ymail = removecrlf($ymail);
+ $fname = removecrlf($fname);
+ $fmail = removecrlf($fmail);
$subject = "Intressant artikel på $sitename";
$message = "Hallå $fname,\n\n";
$message .= "Din kompis $yname ansåg att den här artikeln var intressant och ville skicka den till dig.\n\n";
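Review bot: `$ymail` and `$fmail` are only stripped of line breaks here and are never checked to be a single well-formed address; the identical block added to SendSite in the third hunk has the same gap. The mail() call is not visible in this hunk, so this matters only if these values do reach the recipient or From header, but in that case rejecting anything that is not exactly one address is stronger than silently rewriting the input. Refusing the request when a CR or LF is present would also be easier to log and detect than replacing it with a space. At minimum I would add a comment such as `// removecrlf() only blocks header splitting; $ymail/$fmail still need address validation`. The enclosing function starts and ends outside the hunk.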
@@ -88,7 +92,7 @@
include('header.php');
html_page_head();
echo "
\n";
- echo "Artikeln $title har skickats till $fname.\n";
+ echo "Artikeln $title har skickats till ".htmlspecialchars($fname).".\n";
echo "
\n";
html_page_foot();
include('footer.php');
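Review bot: `$title` is still interpolated into the page unescaped on the same line where `$fname` now goes through htmlspecialchars(). The enclosing function starts outside the hunk, so the origin of `$title` is not visible here; if it is taken from the request rather than read back from the database, it needs the same treatment. Suggested line: `echo "Artikeln ".htmlspecialchars($title)." har skickats till ".htmlspecialchars($fname).".\n";`.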
@@ -120,6 +124,10 @@
function SendSite($yname, $ymail, $fname, $fmail) {
global $sitename,$slogan,$nuke_url;
dbconnect();
+ $yname = removecrlf($yname);
+ $ymail = removecrlf($ymail);
+ $fname = removecrlf($fname);
+ $fmail = removecrlf($fmail);
$subject = "Intressant sajt: $sitename";
$message = "Hallå $fname,\n\n";
$message.= "Din kompis $yname tyckte vår sajt $sitename verkade intressant och rekommenderar den till dig.\n\n";
@@ -132,10 +140,14 @@
function SiteSent($fname) {
include('header.php');
html_page_head();
- echo "Ditt sajt-tips har skickats till $fname...\n";
+ echo "
Ditt sajt-tips har skickats till ".htmlspecialchars($fname)."...
\n";
echo "Tack för att du rekommenderar oss!
\n";
html_page_foot();
include('footer.php');
+}
+
+function removecrlf($string) {
+ return strtr($string, "\015\012", ' ');
}
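Review bot: removecrlf() as written leaves line feeds in place. When strtr() is given a two-character `from` and a one-character `to`, it ignores the extra characters of the longer argument, so only `\015` is translated and `\012` passes through unchanged. Every removecrlf() call added in the first and third hunks therefore still accepts a bare LF, which is the character the filter most needs to stop. Make both arguments the same length, `return strtr($string, "\015\012", '  ');`, or use `return str_replace(array("\015", "\012"), ' ', $string);`.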