plugins/SpecialGroups.php
changeset 447 a9a3789ce02d
parent 322 5f1cd51bf1be
child 458 c433348f3628
--- a/plugins/SpecialGroups.php	Fri Jan 18 10:35:33 2008 -0500
+++ b/plugins/SpecialGroups.php	Sat Jan 19 00:47:52 2008 -0500
@@ -502,7 +502,8 @@
       echo '<select name="group_id">';
       foreach ( $session->groups as $id => $group )
       {
-        $taboo[] = $group;
+        $taboo[] = $db->escape($group);
+        $group = htmlspecialchars($group);
         if ( $group != 'Everyone' )
         {
           echo '<option value="' . $id . '">' . $group . '</option>';