1 files changed, 1 insertions, 1 deletions
diff --git a/pages/quotes.php b/pages/quotes.php
index 8c6958d..17057c2 100755
--- a/pages/quotes.php
+++ b/pages/quotes.php

@@ -70,7 +70,7 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id'])))
        $template = new FITemplate('quotes/add');
        if (isset($_GET['submit']))
        {
-                $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities($_POST['rash_quote']))));
+                $template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities(stripslashes($_POST['rash_quote'])))));
                if (!isLoggedIn())
                {
                        $insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")";

diff --git a/pages/quotes.php b/pages/quotes.php index 8c6958d..17057c2 100755 --- a/pages/quotes.php +++ b/pages/quotes.php
@@ -70,7 +70,7 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id'])))
70	$template = new FITemplate('quotes/add');	70	$template = new FITemplate('quotes/add');
71	if (isset($_GET['submit']))	71	if (isset($_GET['submit']))
72	{	72	{
73	$template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities($_POST['rash_quote']))));	73	$template->adds_block('SUBMITTED',array('QUOTE' => str_replace("\n","<br />",htmlentities(stripslashes($_POST['rash_quote'])))));
74	if (!isLoggedIn())	74	if (!isLoggedIn())
75	{	75	{
76	$insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")";	76	$insquote = "INSERT INTO rash_queue (quote) VALUES(\"" . mysql_real_escape_string(htmlspecialchars($_POST['rash_quote'])) . "\")";