diff --git a/admin/service_messages.php b/admin/service_messages.php
index ccd10196..5e8d0978 100644
--- a/admin/service_messages.php
+++ b/admin/service_messages.php
@@ -111,22 +111,19 @@ require_once(HESK_PATH . 'inc/show_admin_nav.inc.php');
-
purify($message);
+ require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
+ $purifier = new HeskHTMLPurifier();
+ $message = $purifier->heskPurify($message);
// Any errors?
if (count($hesk_error_buffer)) {
@@ -547,7 +544,7 @@ function save_sm()
`style` = '{$style}',
`type` = '{$type}',
`icon` = '{$icon}'
- WHERE `id`={$id} LIMIT 1");
+ WHERE `id`={$id}");
$_SESSION['smord'] = $id;
hesk_process_messages($hesklang['sm_mdf'], 'service_messages.php', 'SUCCESS');
@@ -588,7 +585,7 @@ function order_sm()
$_SESSION['smord'] = $id;
// Update article details
- hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=`order`+" . intval($move) . " WHERE `id`={$id} LIMIT 1");
+ hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=`order`+" . intval($move) . " WHERE `id`={$id}");
// Update order of all service messages
update_sm_order();
@@ -610,7 +607,7 @@ function update_sm_order()
// Update database
$i = 10;
while ($sm = hesk_dbFetchAssoc($res)) {
- hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=" . intval($i) . " WHERE `id`='" . intval($sm['id']) . "' LIMIT 1");
+ hesk_dbQuery("UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` SET `order`=" . intval($i) . " WHERE `id`='" . intval($sm['id']) . "'");
$i += 10;
}
@@ -630,7 +627,7 @@ function remove_sm()
$id = intval(hesk_GET('id')) or hesk_error($hesklang['sm_e_id']);
// Delete the service message
- hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id} LIMIT 1");
+ hesk_dbQuery("DELETE FROM `" . hesk_dbEscape($hesk_settings['db_pfix']) . "service_messages` WHERE `id`={$id}");
// Were we successful?
if (hesk_dbAffectedRows() == 1) {
@@ -663,9 +660,9 @@ function new_sm()
$message = hesk_getHTML(hesk_POST('message'));
// Clean the HTML code
- require(HESK_PATH . 'inc/htmlpurifier/HTMLPurifier.standalone.php');
- $purifier = new HTMLPurifier();
- $message = $purifier->purify($message);
+ require(HESK_PATH . 'inc/htmlpurifier/HeskHTMLPurifier.php');
+ $purifier = new HeskHTMLPurifier();
+ $message = $purifier->heskPurify($message);
// Any errors?
if (count($hesk_error_buffer)) {