]> git.mxchange.org Git - friendica.git/blobdiff - mod/message.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge pull request #6224 from annando/dba-delete-contact
[friendica.git] / mod / message.php
diff --git a/mod/message.php b/mod/message.php
index e689c45021cb70f8aa8a44b7d5075b591e7f0562..e0d9f4404ff1e238ed8d2389ce1e1bcdd90a22e9 100644 (file)
--- a/mod/message.php
+++ b/mod/message.php
@@ -59,10 +59,10 @@ function message_post(App $a)
                return;
        }
 
-       $replyto   = x($_REQUEST, 'replyto')   ? Strings::removeTags(trim($_REQUEST['replyto']))   : '';
-       $subject   = x($_REQUEST, 'subject')   ? Strings::removeTags(trim($_REQUEST['subject']))   : '';
-       $body      = x($_REQUEST, 'body')      ? Strings::escapeTags(trim($_REQUEST['body'])) : '';
-       $recipient = x($_REQUEST, 'messageto') ? intval($_REQUEST['messageto'])       : 0;
+       $replyto   = !empty($_REQUEST['replyto'])   ? Strings::escapeTags(trim($_REQUEST['replyto'])) : '';
+       $subject   = !empty($_REQUEST['subject'])   ? Strings::escapeTags(trim($_REQUEST['subject'])) : '';
+       $body      = !empty($_REQUEST['body'])      ? Strings::escapeHtml(trim($_REQUEST['body']))    : '';
+       $recipient = !empty($_REQUEST['messageto']) ? intval($_REQUEST['messageto'])                  : 0;
 
        $ret = Mail::send($recipient, $body, $subject, $replyto);
        $norecip = false;
@@ -253,8 +253,8 @@ function message_content(App $a)
                        '$prefill' => $prefill,
                        '$preid' => $preid,
                        '$subject' => L10n::t('Subject:'),
-                       '$subjtxt' => x($_REQUEST, 'subject') ? strip_tags($_REQUEST['subject']) : '',
-                       '$text' => x($_REQUEST, 'body') ? Strings::escapeTags(htmlspecialchars($_REQUEST['body'])) : '',
+                       '$subjtxt' => !empty($_REQUEST['subject']) ? strip_tags($_REQUEST['subject']) : '',
+                       '$text' => !empty($_REQUEST['body']) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '',
                        '$readonly' => '',
                        '$yourmessage' => L10n::t('Your message:'),
                        '$select' => $select,
Unnamed repository; edit this file 'description' to name the repository.