r1036: Try using htmlspecialchars()

diff --git a/syndicate.php b/syndicate.php
index c00f910af2b00063334d97aca3113aefd8689be2..d8679b62ecd5e02f967e1f9305dfac36dbd343a2 100644 (file)
--- a/syndicate.php
+++ b/syndicate.php
@@ -2,7 +2,7 @@
 /*=====================================================================*\
 || ###################################################################
 || # Bugdar [#]version[#]
-|| # Copyright ©2002-[#]year[#] Blue Static
+|| # Copyright ©2002-[#]year[#] Blue Static
 || #
 || # This program is free software; you can redistribute it and/or modify
 || # it under the terms of the GNU General Public License as published by
@@ -56,7 +56,7 @@ $bugs_fetch = $db->query("
 );
 while ($bug = $db->fetch_array($bugs_fetch))
 {
-       $bug['storytext'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), sprintf(
+       $bug['storytext'] = htmlspecialchars(sprintf(
                $lang->string('<table cellspacing="0" cellpadding="3" border="0">
 <tr>
        <td><strong>Bug ID:</strong></td>