diff --git a/package.json b/package.json index adfd01d6be..ea38ec8fec 100644 --- a/package.json +++ b/package.json @@ -1,64 +1,72 @@ { - "name": "nodebb", - "license": "GPLv3 or later", - "description": "NodeBB Forum", - "version": "0.0.6", - "homepage": "http://www.nodebb.org", - "repository": { - "type": "git", - "url": "https://github.com/designcreateplay/NodeBB/" - }, - "main": "app.js", - "dependencies": { - "socket.io": "~0.9.16", - "redis": "0.8.3", - "express": "3.2.0", - "express-namespace": "0.1.1", - "emailjs": "0.3.4", - "cookie": "0.0.6", - "connect-redis": "1.4.5", - "passport": "0.1.17", - "passport-local": "0.1.6", - "passport-twitter": "0.1.5", - "passport-google-oauth": "0.1.5", - "passport-facebook": "0.1.5", - "less-middleware": "0.1.12", - "marked": "0.2.8", - "bcrypt": "0.7.5", - "async": "0.2.8", - "node-imagemagick": "0.1.8", - "gravatar": "1.0.6", - "nconf": "~0.6.7", - "sitemap": "~0.6.0", - "request": "~2.25.0", - "reds": "~0.2.4", - "winston": "~0.7.2", - "nodebb-plugin-mentions": "~0.1.0", - "nodebb-plugin-markdown": "~0.1.0", - "rss": "~0.2.0", - "prompt": "~0.2.11", - "uglify-js": "~2.4.0" - }, - "bugs": { - "url": "https://github.com/designcreateplay/NodeBB/issues" - }, - "engines": { - "node": ">=0.8" - }, - "contributors": [{ - "name": "Andrew Rodrigues", - "email": "andrew@designcreateplay.com" - }, { - "name": "Julian Lam", - "email": "julian@designcreateplay.com" - }, { - "name": "Barış Soner Uşaklı", - "email": "baris@designcreateplay.com" - }, { - "name": "Damian Bushong", - "url": "https://github.com/damianb" - }, { - "name": "Matt Smith", - "url": "https://github.com/soimafreak" - }] + "name": "nodebb", + "license": "GPLv3 or later", + "description": "NodeBB Forum", + "version": "0.0.6", + "homepage": "http://www.nodebb.org", + "repository": { + "type": "git", + "url": "https://github.com/designcreateplay/NodeBB/" + }, + "main": "app.js", + "dependencies": { + "socket.io": "~0.9.16", + "redis": "0.8.3", + "express": "3.2.0", + "express-namespace": "0.1.1", + "emailjs": "0.3.4", + "cookie": "0.0.6", + "connect-redis": "1.4.5", + "passport": "0.1.17", + "passport-local": "0.1.6", + "passport-twitter": "0.1.5", + "passport-google-oauth": "0.1.5", + "passport-facebook": "0.1.5", + "less-middleware": "0.1.12", + "marked": "0.2.8", + "bcrypt": "0.7.5", + "async": "0.2.8", + "node-imagemagick": "0.1.8", + "gravatar": "1.0.6", + "nconf": "~0.6.7", + "sitemap": "~0.6.0", + "cheerio": "~0.12.0", + "request": "~2.25.0", + "reds": "~0.2.4", + "winston": "~0.7.2", + "nodebb-plugin-mentions": "~0.1.0", + "nodebb-plugin-markdown": "~0.1.0", + "rss": "~0.2.0", + "prompt": "~0.2.11", + "uglify-js": "~2.4.0", + "validator": "~1.5.1" + }, + "bugs": { + "url": "https://github.com/designcreateplay/NodeBB/issues" + }, + "engines": { + "node": ">=0.8" + }, + "contributors": [ + { + "name": "Andrew Rodrigues", + "email": "andrew@designcreateplay.com" + }, + { + "name": "Julian Lam", + "email": "julian@designcreateplay.com" + }, + { + "name": "Barış Soner Uşaklı", + "email": "baris@designcreateplay.com" + }, + { + "name": "Damian Bushong", + "url": "https://github.com/damianb" + }, + { + "name": "Matt Smith", + "url": "https://github.com/soimafreak" + } + ] } diff --git a/src/topics.js b/src/topics.js index e3b8bfc98d..e6380882a5 100644 --- a/src/topics.js +++ b/src/topics.js @@ -12,7 +12,8 @@ schema = require('./schema.js'), feed = require('./feed.js'), favourites = require('./favourites.js'), reds = require('reds'), - topicSearch = reds.createSearch('nodebbtopicsearch'); + topicSearch = reds.createSearch('nodebbtopicsearch'), + validator = require('validator'); (function(Topics) { @@ -655,7 +656,7 @@ schema = require('./schema.js'), var slug = tid + '/' + utils.slugify(title); var timestamp = Date.now(); - + title = validator.sanitize(title).escape(); RDB.hmset('topic:' + tid, { 'tid': tid, 'uid': uid,