Sanitize the review name as well as content.

This commit is contained in:
Adam Kelly 2020-04-02 17:05:22 +01:00
parent 31b71cf35f
commit 34c83e93e0

View file

@ -27,6 +27,7 @@ def create_review_from_activity(author, activity):
def create_review(user, book, name, content, rating): def create_review(user, book, name, content, rating):
''' a book review has been added ''' ''' a book review has been added '''
name = sanitize(name)
content = sanitize(content) content = sanitize(content)
# no ratings outside of 0-5 # no ratings outside of 0-5