From cb41b97873157c34c0104af82a2450c0c6db4269 Mon Sep 17 00:00:00 2001
From: ovclas <ovclas@gmail.com>
Date: Fri, 9 Dec 2011 08:14:01 +0000
Subject: [PATCH] xss defence

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@9936 201d5d3c-b55e-5fd7-737f-ddc643e51545
---
 modules/member/skins/default/member_info.html | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/modules/member/skins/default/member_info.html b/modules/member/skins/default/member_info.html
index 8264f627a..69c16ff25 100644
--- a/modules/member/skins/default/member_info.html
+++ b/modules/member/skins/default/member_info.html
@@ -21,19 +21,19 @@
 {@$title = $extend_form_list[$formInfo->member_join_form_srl]->column_title}
 {@$orgValue = $extend_form_list[$formInfo->member_join_form_srl]->value}
 			<!--@if($formInfo->type=='tel')-->
-				{@$value = htmlspecialchars($orgValue[0])}
+				{@$value = $orgValue[0]}
 					<!--@if($orgValue[1])-->-<!--@end-->
-				{@$value .= htmlspecialchars($orgValue[1])}
+				{@$value .= $orgValue[1]}
 					<!--@if($orgValue[2])-->-<!--@end-->
-				{@$value .= htmlspecialchars($orgValue[2])}
+				{@$value .= $orgValue[2]}
 			<!--@elseif($formInfo->type=='kr_zip')-->
-				{@$value = htmlspecialchars($orgValue[0])}<!--@if($orgValue[1]&&$orgValue[0])--><br /><!--@end-->{@$value .= htmlspecialchars($orgValue[1])}
+				{@$value = $orgValue[0]}<!--@if($orgValue[1]&&$orgValue[0])--><br /><!--@end-->{@$value .= $orgValue[1]}
 			<!--@elseif($formInfo->type=='checkbox' && is_array($orgValue))-->
-				{@$value = htmlspecialchars(implode(", ",$orgValue))}
+				{@$value = implode(", ",$orgValue)}
 			<!--@elseif($formInfo->type=='date')-->
 				{@$value = zdate($orgValue, "Y-m-d")}
 			<!--@else-->
-				{@$value = nl2br(htmlspecialchars($orgValue))}
+				{@$value = nl2br($orgValue)}
 			<!--@end-->
 		<!--@end-->