Merge branch 'master' of github.com:marvinborner/abizeugs into profile

author: LarsVomMars 2020-10-10 11:41:30 +0200
committer: LarsVomMars 2020-10-10 11:41:30 +0200
commit: 2d93f2db26b7b8ef99264b158553c880bc205f42 (patch)
tree: bcae1e9a78962ac85bc036b22bae985ba6d0d936 /quotes/index.js
parent: e6626356d90fcc58db1dbfad35211c0b3a103aa7 (diff)
parent: 7a4ade2036140203cee39cc7622f835114862515 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/quotes/index.js b/quotes/index.js
index 5aa0646..0e0717b 100644
--- a/quotes/index.js
+++ b/quotes/index.js
@@ -11,7 +11,7 @@ app.post("/api/add", checkUser, async (req, res) => {
         await db.query("INSERT INTO quotes (user_id, author_id, quote) VALUE (?,?,?)", [
             req.session.uid,
             parseInt(req.body.author),
-            req.body.quote,
+            req.body.quote.replace(/</g, "&lt;").replace(/>/g, "&gt;"),
         ]);
         res.redirect("/quotes");
     } catch (e) {
author	LarsVomMars	2020-10-10 11:41:30 +0200
committer	LarsVomMars	2020-10-10 11:41:30 +0200
commit	2d93f2db26b7b8ef99264b158553c880bc205f42 (patch)
tree	bcae1e9a78962ac85bc036b22bae985ba6d0d936 /quotes/index.js
parent	e6626356d90fcc58db1dbfad35211c0b3a103aa7 (diff)
parent	7a4ade2036140203cee39cc7622f835114862515 (diff)