From 128b8dba771ffd08028c26f5b3752693475b18c3 Mon Sep 17 00:00:00 2001
From: Denis Walker <dez@sucs.org>
Date: Fri, 8 Apr 2011 21:48:20 +0000
Subject: [PATCH] Modified comment approval screen to cope with comments with
 special chars in them Moved the commit button to the top of the list in a
 tfoot tag so that it appears even when there are errors

---
 lib/blog/admin.lib.php | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/blog/admin.lib.php b/lib/blog/admin.lib.php
index 31f20ce..11fae92 100644
--- a/lib/blog/admin.lib.php
+++ b/lib/blog/admin.lib.php
@@ -575,6 +575,9 @@ class admin {
 		echo "<table class=\"td\">\n";
 		$post = '';		
 		$count = 0;
+
+		echo "<tfoot>\n\t<tr>\n\t\t<td></td>\n\t\t<td></td>\n\t\t<td></td>\n\t\t<td colspan=\"2\"><input type=\"submit\" value=\"Commit\" name=\"submit\" /></td>\n\t</tr>\n</tfoot>\n";
+		echo "<tbody>\n";
 		//for each comment
 		while($r = array_shift($result)) {
 			//if the post has changed
@@ -602,7 +605,7 @@ class admin {
 				echo "\t<tr>\n";
 			}
 			echo "\t\t<td><a href=\"mailto:{$r['email']}\" title=\"IP: {$r['host']}\">{$r['name']}</a></td>\n";
-			echo "\t\t<td>{$r['body']}</td>\n";
+			echo "\t\t<td>".htmlspecialchars($r['body'])."</td>\n";
 			echo "\t\t<td><input type=\"radio\" name=\"group[$count]\" value=\"a:{$r['id']}\" /></td>\n";
 			if ($r['spam'] == 't') { 
 				echo "\t\t<td><input type=\"radio\" name=\"group[".$count++."]\" value=\"d:{$r['id']}\" checked=\"checked\"/></td>\n";
@@ -611,8 +614,8 @@ class admin {
 			}
 			echo "\t</tr>\n";
 		}
-		echo "\t<tr>\n\t\t<td></td>\n\t\t<td></td>\n\t\t<td></td>\n\t\t<td colspan=\"2\"><input type=\"submit\" value=\"Commit\" name=\"submit\" /></td>\n\t</tr>\n";
-		echo "</table>\n";
+
+		echo "</tbody>\n</table>\n";
 		echo "</form>\n";
 		echo "</div>\n";
 	}
-- 
GitLab