diff --git a/upload/includes/functions.php b/upload/includes/functions.php index 9907a57e1..8c41373be 100644 --- a/upload/includes/functions.php +++ b/upload/includes/functions.php @@ -2066,7 +2066,7 @@ function realdate($date, $format = "Ymd") function birthday_age($date) { if(!$date) return; - return delta_time(mktime(0, 0, 0, 0, 0, realdate($date, 'Y'))); + return delta_time(mktime(0, 0, 0, 6, 0, realdate($date, 'Y'))); } // diff --git a/upload/includes/functions_post.php b/upload/includes/functions_post.php index 84fa13d35..eebfed0b9 100644 --- a/upload/includes/functions_post.php +++ b/upload/includes/functions_post.php @@ -52,7 +52,7 @@ function prepare_post(&$mode, &$post_data, &$error_msg, &$username, &$subject, & // Check subject if (!empty($subject)) { - $subject = preg_replace('#&#', '&', htmlspecialchars(trim($subject))); + $subject = str_replace('&', '&', $subject); } else if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post'])) { @@ -76,11 +76,6 @@ function prepare_post(&$mode, &$post_data, &$error_msg, &$username, &$subject, & { $poll_length = (isset($poll_length)) ? max(0, intval($poll_length)) : 0; - if (!empty($poll_title)) - { - $poll_title = htmlspecialchars(trim($poll_title)); - } - if(!empty($poll_options)) { $temp_option_text = array(); @@ -89,7 +84,7 @@ function prepare_post(&$mode, &$post_data, &$error_msg, &$username, &$subject, & $option_text = trim($option_text); if (!empty($option_text)) { - $temp_option_text[$option_id] = htmlspecialchars($option_text); + $temp_option_text[$option_id] = clean_title($option_text); } } $option_text = $temp_option_text; @@ -296,7 +291,7 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_ { if (!empty($option_text)) { - $option_text = DB()->escape(htmlspecialchars($option_text)); + $option_text = DB()->escape(clean_title($option_text)); $poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0; $sql = ($mode != "editpost" || !isset($old_poll_result[$option_id])) ? "INSERT INTO " . BB_VOTE_RESULTS . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . BB_VOTE_RESULTS . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id"; diff --git a/upload/posting.php b/upload/posting.php index 8a7a99173..63b134013 100644 --- a/upload/posting.php +++ b/upload/posting.php @@ -493,7 +493,7 @@ else if ( ($submit || $confirm) && !$topic_has_new_posts ) $subject = ( !empty($_POST['subject']) ) ? clean_title($_POST['subject']) : ''; $message = ( !empty($_POST['message']) ) ? prepare_message($_POST['message']) : ''; $poll_title = ( isset($_POST['poll_title']) && $is_auth['auth_pollcreate'] ) ? clean_title($_POST['poll_title']) : ''; - $poll_options = ( isset($_POST['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? clean_title($_POST['poll_option_text']) : ''; + $poll_options = ( isset($_POST['poll_option_text']) && $is_auth['auth_pollcreate'] ) ? $_POST['poll_option_text'] : ''; $poll_length = ( isset($_POST['poll_length']) && $is_auth['auth_pollcreate'] ) ? $_POST['poll_length'] : ''; prepare_post($mode, $post_data, $error_msg, $username, $subject, $message, $poll_title, $poll_options, $poll_length); diff --git a/upload/templates/default/usercp_register.tpl b/upload/templates/default/usercp_register.tpl index 478e01011..127fe0120 100644 --- a/upload/templates/default/usercp_register.tpl +++ b/upload/templates/default/usercp_register.tpl @@ -272,7 +272,7 @@ ajax.callback.view_message = function(data){ - + {L_MANAGE_USER}