diff --git a/code/modules/client/preference_setup/antagonism/01_basic.dm b/code/modules/client/preference_setup/antagonism/01_basic.dm index 83b40f5e82..97b7745ba0 100644 --- a/code/modules/client/preference_setup/antagonism/01_basic.dm +++ b/code/modules/client/preference_setup/antagonism/01_basic.dm @@ -44,7 +44,7 @@ var/global/list/uplink_locations = list("PDA", "Headset", "None") return TOPIC_REFRESH if(href_list["exploitable_record"]) - var/exploitmsg = html_decode(sanitizeSafe(input(user,"Set exploitable information about you here.","Exploitable Information", html_decode(pref.exploit_record)) as message|null, MAX_RECORD_LENGTH, extra = 0)) + var/exploitmsg = sanitizeSafe(input(user,"Set exploitable information about you here.","Exploitable Information", html_decode(pref.exploit_record)) as message|null, MAX_RECORD_LENGTH, extra = 0) if(!isnull(exploitmsg) && !jobban_isbanned(user, "Records") && CanUseTopic(user)) pref.exploit_record = exploitmsg return TOPIC_REFRESH diff --git a/code/modules/client/preference_setup/general/05_background.dm b/code/modules/client/preference_setup/general/05_background.dm index 4bbb1793cf..8a68633c66 100644 --- a/code/modules/client/preference_setup/general/05_background.dm +++ b/code/modules/client/preference_setup/general/05_background.dm @@ -115,19 +115,19 @@ return TOPIC_REFRESH else if(href_list["set_medical_records"]) //2023-03-18, we're using sanitizeSafe() in order to remove <> entirely, allowing us to safely decode it on the pref screen - var/new_medical = html_decode(sanitizeSafe(input(user,"Enter medical information here.","Character Preference", html_decode(pref.med_record)) as message|null, MAX_RECORD_LENGTH, extra = 0)) + var/new_medical = sanitizeSafe(input(user,"Enter medical information here.","Character Preference", html_decode(pref.med_record)) as message|null, MAX_RECORD_LENGTH, extra = 0) if(!isnull(new_medical) && !jobban_isbanned(user, "Records") && CanUseTopic(user)) pref.med_record = new_medical return TOPIC_REFRESH else if(href_list["set_general_records"]) //2023-03-20, this allows people to use apostrophes in their records! - var/new_general = html_decode(sanitizeSafe(input(user,"Enter employment information here.","Character Preference", html_decode(pref.gen_record)) as message|null, MAX_RECORD_LENGTH, extra = 0)) + var/new_general = sanitizeSafe(input(user,"Enter employment information here.","Character Preference", html_decode(pref.gen_record)) as message|null, MAX_RECORD_LENGTH, extra = 0) if(!isnull(new_general) && !jobban_isbanned(user, "Records") && CanUseTopic(user)) pref.gen_record = new_general return TOPIC_REFRESH else if(href_list["set_security_records"]) //Note that html exploits still won't work here because we removed <> earlier. - var/sec_medical = html_decode(sanitizeSafe(input(user,"Enter security information here.","Character Preference", html_decode(pref.sec_record)) as message|null, MAX_RECORD_LENGTH, extra = 0)) + var/sec_medical = sanitizeSafe(input(user,"Enter security information here.","Character Preference", html_decode(pref.sec_record)) as message|null, MAX_RECORD_LENGTH, extra = 0) if(!isnull(sec_medical) && !jobban_isbanned(user, "Records") && CanUseTopic(user)) pref.sec_record = sec_medical return TOPIC_REFRESH