diff --git a/guestbook/submit.php b/guestbook/submit.php index 8c38dca..67659a6 100755 --- a/guestbook/submit.php +++ b/guestbook/submit.php @@ -23,7 +23,7 @@ } else { $db = new PDO("sqlite:/mnt/data1/webdata/floppydisk/guestbook.db"); $name = $_POST["name"]; - $msg = htmlspecialchars($_POST["message"]); + $msg = strip_tags($_POST["message"]); $showinfo = isset($_POST["showinfo"]) ? true : false; $showip = isset($_POST["showip"]) ? true : false; $ip = $_SERVER['REMOTE_ADDR'];