}
$admin->form_start('product.php', 'insertversion');
- $admin->form_hidden_field('productid', $vars['productid']);
+ $admin->form_hidden_field('productid', intval($bugsys->in['productid']));
$admin->table_start();
$admin->table_head(phrase('add_new_version'));
$admin->row_input(phrase('version_title'), 'version');
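Review bot: `productid` on the `+` line still round-trips through a hidden field, so the `intval()` only fixes what is rendered. The `insertversion` handler, which is not visible in this hunk, has to cast and verify the id again when the form comes back, because the client can change it. A missing `productid` also silently becomes `0` here, so consider refusing to render the form when `intval($bugsys->in['productid']) < 1`. The enclosing block starts before the hunk.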
if (!$bugsys->options['allowhtml'])
{
- $vars['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
}
$db->query("
UPDATE " . TABLE_PREFIX . "comment
SET comment = '" . $bugsys->in['comment'] . "',
comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "'
- WHERE commentid = $vars[commentid]"
+ WHERE commentid = $comment[commentid]"
);
echo "<a href=\"showreport.php?bugid=$bug[bugid]\">comment saved</a>";
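Review bot: The value written back on the `+` line is what the UPDATE below now concatenates into `comment_parsed = '...'`, so the query's safety rests on what `sanitize()` returns, and nothing visible here shows that it SQL-escapes as well as HTML-encodes. `comment` on the line above it is concatenated the same way, and with `allowhtml` on `comment_parsed` is stored without passing through `sanitize()` at all. I would escape both strings at the query site with the database layer's string-escaping routine, or bind them as parameters, and cast the key as the other hunks do: `WHERE commentid = " . intval($comment['commentid'])`. The same pattern recurs in the later sanitize hunk and in the INSERT hunk (`comment`, `comment_parsed`, and the unquoted `userinfo['userid']`). The enclosing block starts and ends outside this hunk.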
WHERE bugid = $bug[bugid]"
);
- if ($vars['changeproduct'])
+ if ($bugsys->in['changeproduct'])
{
$_REQUEST['do'] = 'editproduct';
}
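Review bot: The condition now reads `$bugsys->in['changeproduct']`, but the switch to the edit form is still done by writing `$_REQUEST['do']`. If the dispatcher further down tests `$bugsys->in['do']` (not visible here), that assignment has no effect, so set whichever array the dispatcher actually reads. Guard the optional key as well, `if (!empty($bugsys->in['changeproduct']))`, so an absent field does not raise a notice. The enclosing block starts and ends outside the hunk.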
if (!$bugsys->options['allowhtml'])
{
- $vars['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
+ $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
}
$time = time();
INSERT INTO " . TABLE_PREFIX . "comment
(bugid, userid, dateline, comment, comment_parsed)
VALUES
- ($vars[bugid], " . $bugsys->userinfo['userid'] . ",
+ (" . intval($bugsys->in['bugid']) . ", " . $bugsys->userinfo['userid'] . ",
$time, '" . $bugsys->in['comment'] . "',
'" . nl2br($bugsys->in['comment_parsed']) . "'
)"