From 6993bc2fdf29d3d917e12d0cc98c89ed5050d464 Mon Sep 17 00:00:00 2001
From: shish <shish@7f39781d-f577-437e-ae19-be835c7a54ca>
Date: Fri, 24 Aug 2007 22:28:00 +0000
Subject: [PATCH] html_escape for log messages, just in case...

git-svn-id: file:///home/shish/svn/shimmie2/trunk@477 7f39781d-f577-437e-ae19-be835c7a54ca
---
 contrib/event_log/theme.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/contrib/event_log/theme.php b/contrib/event_log/theme.php
index dcdd147a..8a28e277 100644
--- a/contrib/event_log/theme.php
+++ b/contrib/event_log/theme.php
@@ -45,6 +45,7 @@ class EventLogTheme extends Themelet {
 				</tr>
 		";
 		foreach($events as $event) {
+			$entry = html_escape($event['entry']);
 			$table .= "
 				<tr>
 					<td>
@@ -53,7 +54,7 @@ class EventLogTheme extends Themelet {
 					<td>
 						<a href='".make_link("event_log", "filter=owner_ip&where={$event['owner_ip']}")."'>{$event['owner_ip']}</a>
 					</td>
-					<td rowspan='2' class='entry'>{$event['entry']}</td>
+					<td rowspan='2' class='entry'>{$entry}</td>
 				</tr>
 				<tr>
 					<td>