From a731ac5ea0e84ed83953c26e68c11292ac3691a0 Mon Sep 17 00:00:00 2001
From: steinm <steinm@577cc39b-cfd1-4aa2-8bc3-eda205cea05a>
Date: Tue, 6 Dec 2011 12:29:39 +0000
Subject: [PATCH] - call htmlspecialchars() on email

---
 out/out.UsrView.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/out/out.UsrView.php b/out/out.UsrView.php
index aa3b00271..246ec4e59 100644
--- a/out/out.UsrView.php
+++ b/out/out.UsrView.php
@@ -62,7 +62,7 @@ foreach ($users as $currUser) {
 	
 	print "<td>".htmlspecialchars($currUser->getFullName())."</td>";
 	
-	print "<td><a href=\"mailto:".$currUser->getEmail()."\">".$currUser->getEmail()."</a></td>";
+	print "<td><a href=\"mailto:".htmlspecialchars($currUser->getEmail())."\">".htmlspecialchars($currUser->getEmail())."</a></td>";
 	print "<td>".htmlspecialchars($currUser->getComment())."</td>";
 	
 	if ($settings->_enableUserImage){