one more htmlspecialchar()ing neccessary

author garvinhicking <garvinhicking>

Fri, 13 May 2005 17:19:00 +0000 (17:19 +0000)

committer garvinhicking <garvinhicking>

Fri, 13 May 2005 17:19:00 +0000 (17:19 +0000)
author garvinhicking <garvinhicking>
Fri, 13 May 2005 17:19:00 +0000 (17:19 +0000)
committer garvinhicking <garvinhicking>
Fri, 13 May 2005 17:19:00 +0000 (17:19 +0000)
diff --git a/include/functions_comments.inc.php b/include/functions_comments.inc.php

index 98697306315e5becfaeb989f0201d2cf63e48fb8..027f956f10cf70447d320f5b797d574feb763e0f 100644 (file)
--- a/include/functions_comments.inc.php
+++ b/include/functions_comments.inc.php
@@ -55,7 +55,7 @@ function serendipity_displayCommentForm($id, $url = '', $comments = NULL, $data
          'commentform_remember'       => isset($data['remember'])  ? 'checked="checked"'                   : (isset($serendipity['COOKIE']['remember']) ? 'checked="checked"' : ''),
          'commentform_replyTo'        => serendipity_generateCommentList($id, $comments, ((isset($data['replyTo']) && ($data['replyTo'])) ? $data['replyTo'] : 0)),
          'commentform_subscribe'      => isset($data['subscribe']) ? 'checked="checked"' : '',
-        'commentform_data'           => isset($data['comment'])   ? $data['comment'] : '',
+        'commentform_data'           => isset($data['comment'])   ? htmlspecialchars($data['comment']) : '',
          'is_commentform_showToolbar' => $showToolbar,
          'is_allowSubscriptions'      => $serendipity['allowSubscriptions'],
          'is_moderate_comments'       => $moderate_comments,
author	garvinhicking <garvinhicking>
	Fri, 13 May 2005 17:19:00 +0000 (17:19 +0000)
committer	garvinhicking <garvinhicking>
	Fri, 13 May 2005 17:19:00 +0000 (17:19 +0000)