markup modifiers: there was a plan for adding markup to ban reasons, but assignment was missing; escape markup there too

2013-07-31 20:33:27 -04:00 · 2013-07-31 20:33:27 -04:00 · ce2af291b0
commit ce2af291b0
parent d7ea47a91f
1 changed files with 2 additions and 1 deletions
--- a/inc/mod/ban.php
+++ b/inc/mod/ban.php
@ -61,7 +61,8 @@ function ban($mask, $reason, $length, $board) {
 	$query->bindValue(':mod', $mod['id']);
 	$query->bindValue(':time', time());
 	if ($reason !== '') {
-		markup($reason);
+		$reason = escape_markup_modifiers($reason);
+		$reason = markup($reason);
 		$query->bindValue(':reason', $reason);
 	} else
 		$query->bindValue(':reason', null, PDO::PARAM_NULL);