diff options
| -rw-r--r-- | includes/common.inc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/includes/common.inc b/includes/common.inc index 82674223e..1634d641b 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -567,7 +567,7 @@ function format_tag($link, $text) { } function form($form, $method = "post", $action = 0, $options = 0) { - return "<form action=\"". ($action ? $action : request_uri()) ."\" method=\"$method\"". ($options ? " $options" : "") .">\n$form</form>\n"; + return "<form action=\"". ($action ? $action : htmlentities(request_uri())) ."\" method=\"$method\"". ($options ? " $options" : "") .">\n$form</form>\n"; } function form_item($title, $value, $description = 0) { |