summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--includes/pages/guest_login.php2
-rw-r--r--includes/sys_template.php2
2 files changed, 2 insertions, 2 deletions
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index 1a8465dc..b9aca87d 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -48,7 +48,7 @@ function guest_register() {
}
} else {
$ok = false;
- $msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), strip_request_item('nick')), true);
+ $msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true);
}
if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) {
diff --git a/includes/sys_template.php b/includes/sys_template.php
index 569783a7..78519143 100644
--- a/includes/sys_template.php
+++ b/includes/sys_template.php
@@ -113,7 +113,7 @@ function form_submit($name, $label) {
*/
function form_text($name, $label, $value, $disabled = false) {
$disabled = $disabled ? ' disabled="disabled"' : '';
- return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . $value . '" ' . $disabled . '/>', 'form_' . $name);
+ return form_element($label, '<input id="form_' . $name . '" type="text" name="' . $name . '" value="' . htmlspecialchars($value) . '" ' . $disabled . '/>', 'form_' . $name);
}
/**