fixes sanitization

This commit is contained in:
timothyteakettle
2021-01-19 01:04:01 +00:00
parent b956df2226
commit 837e766306
2 changed files with 4 additions and 4 deletions
+3 -3
View File
@@ -707,12 +707,12 @@ SUBSYSTEM_DEF(job)
//handle non-polychromic items (they only have one color)
I.add_atom_colour(i[LOADOUT_COLOR][1], FIXED_COLOUR_PRIORITY)
I.update_icon()
//when inputting the data it's already sanitized, but it's best to be safe
//when inputting the data it's already sanitized
if(i[LOADOUT_CUSTOM_NAME])
var/custom_name = strip_html(i[LOADOUT_CUSTOM_NAME])
var/custom_name = i[LOADOUT_CUSTOM_NAME]
I.name = custom_name
if(i[LOADOUT_CUSTOM_DESCRIPTION])
var/custom_description = strip_html(i[LOADOUT_CUSTOM_DESCRIPTION])
var/custom_description = i[LOADOUT_CUSTOM_DESCRIPTION]
I.desc = custom_description
if(!M.equip_to_slot_if_possible(I, G.slot, disable_warning = TRUE, bypass_equip_delay_self = TRUE)) // If the job's dresscode compliant, try to put it in its slot, first
if(iscarbon(M))
+1 -1
View File
@@ -2744,7 +2744,7 @@ GLOBAL_LIST_EMPTY(preferences_datums)
//renaming is only allowed if it has the flag for it
if(href_list["loadout_rename"] && (G.loadout_flags & LOADOUT_CAN_NAME))
var/new_name = stripped_input(user, "Enter new name for item. Maximum 32 characters.", "Loadout Item Naming", null, 32)
var/new_name = stripped_input(user, "Enter new name for item. Maximum [MAX_NAME_LEN] characters.", "Loadout Item Naming", null, MAX_NAME_LEN)
if(new_name)
user_gear[LOADOUT_CUSTOM_NAME] = new_name