From: garvinhicking <garvinhicking>
Date: Fri, 13 May 2005 17:19:00 +0000 (+0000)
Subject: one more htmlspecialchar()ing neccessary
X-Git-Tag: 0.9~458
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=f05a8ce5d04d434024f50ec0535aa30f67edee57;p=s9y.git

one more htmlspecialchar()ing neccessary
---

diff --git a/include/functions_comments.inc.php b/include/functions_comments.inc.php
index 9869730..027f956 100644
--- a/include/functions_comments.inc.php
+++ b/include/functions_comments.inc.php
@@ -55,7 +55,7 @@ function serendipity_displayCommentForm($id, $url = '', $comments = NULL, $data
         'commentform_remember'       => isset($data['remember'])  ? 'checked="checked"'                   : (isset($serendipity['COOKIE']['remember']) ? 'checked="checked"' : ''),
         'commentform_replyTo'        => serendipity_generateCommentList($id, $comments, ((isset($data['replyTo']) && ($data['replyTo'])) ? $data['replyTo'] : 0)),
         'commentform_subscribe'      => isset($data['subscribe']) ? 'checked="checked"' : '',
-        'commentform_data'           => isset($data['comment'])   ? $data['comment'] : '',
+        'commentform_data'           => isset($data['comment'])   ? htmlspecialchars($data['comment']) : '',
         'is_commentform_showToolbar' => $showToolbar,
         'is_allowSubscriptions'      => $serendipity['allowSubscriptions'],
         'is_moderate_comments'       => $moderate_comments,