Merged 5487:5525 from 1.7 to trunk.

git-svn-id: http://code.elgg.org/elgg/trunk@5621 36083f99-b078-4883-b0ff-0f9b5a30f544
author: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> 2010-04-05 15:11:05 +0000
committer: brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544> 2010-04-05 15:11:05 +0000
commit: 5571ca5b350fd1735f13af7ddfbb88afa6befb0c (patch)
tree: f8f2c4e1705a3edd6ec5d759f188926f7495021c /mod/messages/actions
parent: 394f52f0ef0d743cb50352fce14020837662d891 (diff)
download: elgg-5571ca5b350fd1735f13af7ddfbb88afa6befb0c.tar.gz
elgg-5571ca5b350fd1735f13af7ddfbb88afa6befb0c.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/mod/messages/actions/send.php b/mod/messages/actions/send.php
index cf9de8ba5..314b01809 100644
--- a/mod/messages/actions/send.php
+++ b/mod/messages/actions/send.php
@@ -13,7 +13,7 @@
 if (!isloggedin()) forward();
 
 // Get input data
-$title = get_input('title'); // message title
+$title = strip_tags(get_input('title')); // message title
 $message_contents = get_input('message'); // the message
 $send_to = get_input('send_to'); // this is the user guid to whom the message is going to be sent
 $reply = get_input('reply',0); // this is the guid of the message replying to
@@ -58,4 +58,4 @@ unset($_SESSION['msg_contents']);
 system_message(elgg_echo("messages:posted"));
 
 // Forward to the users inbox
-forward('mod/messages/sent.php');
-\ No newline at end of file
+forward('mod/messages/sent.php');
author	brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>	2010-04-05 15:11:05 +0000
committer	brettp <brettp@36083f99-b078-4883-b0ff-0f9b5a30f544>	2010-04-05 15:11:05 +0000
commit	5571ca5b350fd1735f13af7ddfbb88afa6befb0c (patch)
tree	f8f2c4e1705a3edd6ec5d759f188926f7495021c /mod/messages/actions
parent	394f52f0ef0d743cb50352fce14020837662d891 (diff)
download	elgg-5571ca5b350fd1735f13af7ddfbb88afa6befb0c.tar.gz elgg-5571ca5b350fd1735f13af7ddfbb88afa6befb0c.tar.bz2