diff --git a/htdocs/opensurvey/card.php b/htdocs/opensurvey/card.php
index 3f822679350..bc018a2dda1 100644
--- a/htdocs/opensurvey/card.php
+++ b/htdocs/opensurvey/card.php
@@ -137,18 +137,18 @@ if (empty($reshook)) {
 if (GETPOST('ajoutcomment')) {
 $error = 0;
- if (!GETPOST('comment')) {
+ if (!GETPOST('comment', "alphanohtml")) {
 $error++;
 setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Comment")), null, 'errors');
 }
- if (!GETPOST('commentuser')) {
+ if (!GETPOST('commentuser', "alphanohtml")) {
 $error++;
 setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("User")), null, 'errors');
 }
 if (!$error) {
- $comment = (string) GETPOST("comment", "restricthtml");
- $comment_user = (string) GETPOST('commentuser', "restricthtml");
+ $comment = (string) GETPOST("comment", "alphanohtml");
+ $comment_user = (string) GETPOST('commentuser', "alphanohtml");
 $resql = $object->addComment($comment, $comment_user);
@@ -422,7 +422,7 @@ print '
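Review bot: The filter name is now written out four times in the `ajoutcomment` block of card.php, twice in the presence tests and twice in the assignments under `if (!$error)`. The replaced lines show how that drifts: the old tests passed no explicit filter while the stored value went through `restricthtml`. Reading each field once before the tests keeps the check and the stored value on the same filter, as the studs.php hunk of this commit already does: `$comment = (string) GETPOST('comment', 'alphanohtml');` and `$comment_user = (string) GETPOST('commentuser', 'alphanohtml');`, with the tests becoming `if (!$comment) {` and `if (!$comment_user) {`. The block continues past the end of the hunk, so what happens with `$resql` is not covered here.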
';
 if ($object->allow_comments) {
 print $langs->trans("AddACommentForPoll").'
';
 print '
'."\n";
- print $langs->trans("Name").': '."\n";
+ print $langs->trans("Name").': '."\n";
 print '
'."\n";
 }
diff --git a/htdocs/public/opensurvey/studs.php b/htdocs/public/opensurvey/studs.php
index c14935d6708..a1c9efed6c3 100644
--- a/htdocs/public/opensurvey/studs.php
+++ b/htdocs/public/opensurvey/studs.php
@@ -79,8 +79,8 @@ if (GETPOST('ajoutcomment', 'alpha')) {
 $error = 0;
- $comment = GETPOST("comment", 'restricthtml');
- $comment_user = GETPOST('commentuser', 'nohtml');
+ $comment = GETPOST("comment", 'alphanohtml');
+ $comment_user = GETPOST('commentuser', 'alphanohtml');
 if (!$comment) {
 $error++;
@@ -780,9 +780,9 @@ if ($comments) {
 if ($object->allow_comments) {
 print '
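Review bot: The tighter filter on `comment` and `commentuser` in studs.php only covers submissions made after this change; rows written while `comment` was accepted with `restricthtml` keep whatever markup that filter let through. The path suggests this is the public poll page, so both values should also be treated as untrusted when they are displayed. The code that prints stored comments is not in this hunk, so please confirm it escapes both fields on output, for example with `dol_escape_htmltag()`, rather than relying on the input filter alone. A one-line comment above the two reads would record the intent: `// Plain text only: the comment and name are stored and shown to other users.`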
'.$langs->trans("AddACommentForPoll")."
\n"; - print '
'."\n"; + print '
'."\n"; print $langs->trans("Name").': '; - print '   '."\n"; + print '   '."\n"; print '
'."\n"; print ''."\n";