From 0f682aad13d36bbda4312e1556093bae43c80d91 Mon Sep 17 00:00:00 2001
From: alex_t_king <alex_t_king@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Tue, 9 Dec 2003 17:16:28 +0000
Subject: [PATCH] added htmlspecialchars to outputing comment author name,
 added 'Anonymous' as a default if no name provided

git-svn-id: http://svn.automattic.com/wordpress/trunk@595 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 b2-include/b2template.functions.php | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/b2-include/b2template.functions.php b/b2-include/b2template.functions.php
index b40163bba..a90e33963 100644
--- a/b2-include/b2template.functions.php
+++ b/b2-include/b2template.functions.php
@@ -1496,7 +1496,12 @@ function comment_ID() {
 
 function comment_author() {
 	global $comment;
-	echo stripslashes($comment->comment_author);
+	if (!empty($comment->comment_author)) {
+		echo htmlspecialchars(stripslashes($comment->comment_author));
+	}
+	else {
+		echo "Anonymous";
+	}
 }
 
 function comment_author_email() {
@@ -1508,7 +1513,10 @@ function comment_author_link() {
 	global $comment;
 	$url = trim(stripslashes($comment->comment_author_url));
 	$email = stripslashes($comment->comment_author_email);
-	$author = stripslashes($comment->comment_author);
+	$author = htmlspecialchars(stripslashes($comment->comment_author));
+	if (empty($author)) {
+		$author = "Anonymous";
+	}
 
 	$url = str_replace('http://url', '', $url);
 
@@ -1619,7 +1627,12 @@ function comments_rss_link($link_text='Comments RSS', $commentsrssfilename = 'wp
 
 function comment_author_rss() {
 	global $comment;
-	echo strip_tags(stripslashes($comment->comment_author));
+	if (!empty($comment->comment_author)) {
+		echo htmlspecialchars(strip_tags(stripslashes($comment->comment_author)));
+	}
+	else {
+		echo "Anonymous";
+	}
 }
 
 function comment_text_rss() {