From 852c4741353ee65c68e8176d1668a4bfd2f90764 Mon Sep 17 00:00:00 2001
From: conradverm <conradverm@c91229c3-7414-0410-bfa2-8a42b809f60b>
Date: Fri, 13 Jul 2007 15:14:09 +0000
Subject: [PATCH] KTS-2178 "cross site scripting" Updated.

---
 templates/ktstandard/action/discussion_comment_list_item.smarty | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/templates/ktstandard/action/discussion_comment_list_item.smarty b/templates/ktstandard/action/discussion_comment_list_item.smarty
index abb50ab..385c19b 100644
--- a/templates/ktstandard/action/discussion_comment_list_item.smarty
+++ b/templates/ktstandard/action/discussion_comment_list_item.smarty
@@ -5,16 +5,16 @@
 {else}
 <dl class="kt-discussion-comment odd-comment">
 {/if}
-  
-  <dt>{i18n arg_subject=$comment->getSubject() arg_author=$creator->getName() arg_date=$comment->getDate()}
-    <span class="subject">#subject#</span>
+
+  <dt>
+    <span class="subject">{$comment->getSubject()|sanitize_input}</span>
     by
-    <span class="author">#author#</span>
-    <span class="date">(#date#)</span>
-    {/i18n}
+    <span class="author">{$creator->getName()}</span>
+    <span class="date">({$comment->getDate()})</span>
+
   </dt>
-  
-  <dd>{$comment->getBody()}</dd>
+
+  <dd>{$comment->getBody()|sanitize_input}</dd>
 
 </dl>
 
--
libgit2 0.21.4