summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2013-08-12 18:05:10 +0200
committerFlorian Pritz <bluewind@xinu.at>2013-08-12 18:05:10 +0200
commit2e5f4af90d44b568cb98f221ad0a68667edd862c (patch)
tree16ba23af6c1ab4159682c8af44a11a9bbb725a9f /application
parentc44d567d0973a0a73327ccbb9c4dbffd45a8d323 (diff)
apikeys: allow any chars in comment
No real point in restricting those, just leads to people wanting to use special chars that don't work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/controllers/user.php5
-rw-r--r--application/views/user/apikeys.php2
2 files changed, 3 insertions, 4 deletions
diff --git a/application/controllers/user.php b/application/controllers/user.php
index f1dbe5c31..27e027ac7 100644
--- a/application/controllers/user.php
+++ b/application/controllers/user.php
@@ -92,9 +92,8 @@ class User extends CI_Controller {
$comment = $this->input->post("comment");
- if (strlen($comment) > 255 || !preg_match("/^[a-zA-Z0-9 -@,]*$/", $comment)) {
- // display better error for
- show_error("Comment invalid. Only 255 chars of a-zA-Z0-9, @, -, space and comma allowed");
+ if (strlen($comment) > 255) {
+ show_error("Comment may only be 255 chars long.");
}
$key = random_alphanum(32);
diff --git a/application/views/user/apikeys.php b/application/views/user/apikeys.php
index 14d829ffa..aa268d678 100644
--- a/application/views/user/apikeys.php
+++ b/application/views/user/apikeys.php
@@ -15,7 +15,7 @@
<tr>
<td><?php echo $i++; ?></td>
<td><?php echo $item["key"]; ?></td>
- <td><?php echo $item["comment"]; ?></td>
+ <td><?php echo htmlentities($item["comment"]); ?></td>
<td><?php echo date("Y/m/d H:i", $item["created"]); ?></td>
<td>
<?php echo form_open("user/delete_apikey", array("style" => "margin-bottom: 0")); ?>