From c7d72306ed4175a0b44a0ca31c5f0e1d4a96b449 Mon Sep 17 00:00:00 2001
From: Michael Save <savetheinternet@tinyboard.org>
Date: Sat, 7 Jan 2012 21:10:10 +1100
Subject: [PATCH] XSS in login form

---
 inc/display.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inc/display.php b/inc/display.php
index 7a1a3901..7f0226d4 100644
--- a/inc/display.php
+++ b/inc/display.php
@@ -99,7 +99,7 @@
 			'body'=>Element('login.html', Array(
 				'config'=>$config,
 				'error'=>$error,
-				'username'=>$username,
+				'username'=>utf8tohtml($username),
 				'redirect'=>$redirect
 				)
 			)