From 7ce72693df6bd6f8c95a14c1040cc21acca297c1 Mon Sep 17 00:00:00 2001
From: Graham Eames <grahamje@users.sourceforge.net>
Date: Sat, 4 Feb 2006 19:49:41 +0000
Subject: [PATCH] Replace usage of strip_tags with htmlspecialchars for
 consistancy with posting

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5519 89ea8834-ac86-4346-8a33-228a782c2dd0
---
 phpBB/privmsg.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/phpBB/privmsg.php b/phpBB/privmsg.php
index f310d8253a..e69e8ab716 100644
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@@ -1187,7 +1187,7 @@ else if ( $submit || $refresh || $mode != '' )
 			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['No_to_user'];
 		}
 
-		$privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
+		$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
 		if ( empty($privmsg_subject) )
 		{
 			$error = TRUE;
@@ -1374,7 +1374,7 @@ else if ( $submit || $refresh || $mode != '' )
 		//
 		$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
 
-		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
+		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
 		$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
 		$privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
 		if ( !$preview )