From d0df5dc12004fb8df15dbde71a640814760331a2 Mon Sep 17 00:00:00 2001
From: zero <skklove@gmail.com>
Date: Fri, 1 Jun 2007 04:10:36 +0000
Subject: [PATCH] git-svn-id: http://xe-core.googlecode.com/svn/trunk@1525
 201d5d3c-b55e-5fd7-737f-ddc643e51545

---
 addons/blogapi/blogapi.addon.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/addons/blogapi/blogapi.addon.php b/addons/blogapi/blogapi.addon.php
index 50963fef5..70a3ed04d 100644
--- a/addons/blogapi/blogapi.addon.php
+++ b/addons/blogapi/blogapi.addon.php
@@ -304,9 +304,9 @@
                         $post->userid = $val->user_id;
                         $post->mt_allow_pings = 0;
                         $post->mt_allow_comments = $val->allow_comment=='Y'?1:0;
-                        $post->description = $val->content;
+                        $post->description = htmlspecialchars($val->content);
                         $post->postid = $val->document_srl;
-                        $post->title = $val->title;
+                        $post->title = htmlspecialchars($val->title);
 
                         $year = substr($val->regdate,0,4);
                         $month = substr($val->regdate,4,2);