Типа я (zilogic) wrote in changelog,
Типа я
zilogic
changelog

[livejournal] r19697: LJSV-1615: Unescaped BML on talkpost_do....

Committer: amyshkin
LJSV-1615: Unescaped BML on talkpost_do.bml
U   trunk/cgi-bin/weblib.pl
U   trunk/htdocs/talkpost_do.bml
Modified: trunk/cgi-bin/weblib.pl
===================================================================
--- trunk/cgi-bin/weblib.pl	2011-08-11 05:33:26 UTC (rev 19696)
+++ trunk/cgi-bin/weblib.pl	2011-08-11 06:28:30 UTC (rev 19697)
@@ -273,16 +273,16 @@
 # args: error*
 # des-error: A list of errors
 # </LJFUNC>
-sub bad_input
-{
+sub bad_input {
     my @errors = @_;
-    my $ret = "";
-    $ret .= "<?badcontent?>\n<ul>\n";
-    foreach my $ei (@errors) {
-        my $err  = LJ::errobj($ei) or next;
+    my $ret = LJ::Lang::ml('bml.badcontent.body') . "\n<ul>\n";
+
+    foreach my $ei ( @errors ) {
+        my $err = LJ::errobj($ei) or next;
         $err->log;
         $ret .= $err->as_bullets;
     }
+
     $ret .= "</ul>\n";
     return $ret;
 }

Modified: trunk/htdocs/talkpost_do.bml
===================================================================
--- trunk/htdocs/talkpost_do.bml	2011-08-11 05:33:26 UTC (rev 19696)
+++ trunk/htdocs/talkpost_do.bml	2011-08-11 06:28:30 UTC (rev 19697)
@@ -72,7 +72,7 @@
     # them through since they're coming from a comment page and
     # validate the hash later.
     elsif (! LJ::did_post() && !$POST{'ecphash'}) {
-        return LJ::bad_input("Comment not posted: POST required, or missing parameter.");
+        return LJ::bad_input(LJ::Lang::ml("comment.not.posted.POST.required.or.missing.parameter"));
     }
 
 

Tags: bml, livejournal, pl, zilogic
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 0 comments