From 75850fd66bc4f4173b5dae4a489bb9d88197f0bd Mon Sep 17 00:00:00 2001
From: Ralf Becker
Date: Tue, 19 May 2009 15:24:15 +0000
Subject: [PATCH] fixed problem pointed out by Necky(T.Okabuchi)
---
 etemplate/inc/class.etemplate.inc.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/etemplate/inc/class.etemplate.inc.php b/etemplate/inc/class.etemplate.inc.php
index f85b1a2144..81a941f8c5 100644
--- a/etemplate/inc/class.etemplate.inc.php
+++ b/etemplate/inc/class.etemplate.inc.php
@@ -1153,8 +1153,10 @@ class etemplate extends boetemplate
 case 'htmlarea': // Multiline formatted Text Input, size: {simple|extended|advanced},height,width,toolbar-expanded,upload-path
 list($mode,$height,$width,$toolbar,$baseref,$convertnl) = explode(',',$cell_options);
- if ($convertnl == 1) $value = nl2br($value);
-
+ if ($convertnl)
+ {
+ $value = nl2br(html::htmlspecialchars($value));
+ }
 if (!$readonly)
 {
 $mode = $mode ? $mode : 'simple';
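Review bot: The escaping added in `$value = nl2br(html::htmlspecialchars($value));` protects only the `$convertnl` branch; when that option is empty, `$value` reaches the `if (!$readonly)` block and the rest of the `htmlarea` case unchanged, so any readonly output of stored HTML still depends on sanitising done outside this hunk, which should be confirmed. A comment above the branch would make the split explicit, for example `// $convertnl set: $value is plain text, escape it before nl2br() turns it into HTML; otherwise $value is treated as HTML already`. The condition was also loosened from `$convertnl == 1` to any truthy option value, and if the editor later hands HTML back while the option is still set, that markup would presumably be escaped on the next render, so the round trip is worth a test. The `htmlarea` case starts and ends outside the hunk.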