- do not remove slashes before calling insert_user_comment (homogeneity with update_user_comment and general use of slashes in piwigo)

- when using a modifier on a non array variable use @| instead of | (generated code is simpler and faster) git-svn-id: http://piwigo.org/svn/trunk@6437 68402e56-0260-453c-a942-63ccdbb3a9ee
2025-04-27 19:59:56 +03:00 · 2010-06-01 19:52:44 +00:00 · 2010-06-01 19:52:44 +00:00 · 2a99a22130
commit 2a99a22130
parent d7b71e2167
5 changed files with 9 additions and 24 deletions
--- a/include/functions_comment.inc.php
+++ b/include/functions_comment.inc.php
@ -158,7 +158,7 @@ INSERT INTO '.COMMENTS_TABLE.'
  VALUES (
    "'.$comm['author'].'",
    '.$comm['author_id'].',
-    "'.pwg_db_real_escape_string($comm['content']).'",
+    "'.$comm['content'].'",
    NOW(),
    "'.($comment_action=='validate' ? 'true':'false').'",
    '.($comment_action=='validate' ? 'NOW()':'NULL').',
@ -257,21 +257,6 @@ function update_user_comment($comment, $post_key)
    $comment_action='reject';
  }

-/* ? this is a MySql Error - author_id is not defined
-  if ($comment_action!='reject' and $conf['anti-flood_time']>0 )
-  { // anti-flood system
-    $reference_date = time() - $conf['anti-flood_time'];
-    $query = '
-SELECT id FROM '.COMMENTS_TABLE.'
-  WHERE date > FROM_UNIXTIME('.$reference_date.')
-    AND author_id = '.$comm['author_id'];
-    if ( pwg_db_num_rows( pwg_query( $query ) ) > 0 )
-    {
-      //?? array_push( $infos, l10n('Anti-flood system : please wait for a moment before trying to post another comment') );
-      $comment_action='reject';
-    }
-  }
-*/
  // perform more spam check
  $comment_action =
    trigger_event('user_comment_check',