From 6d6280b7a251a597e6dbac998e43a921ebd32047 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Thu, 27 Dec 2007 08:08:11 +0000
Subject: [PATCH] Add some sanitization

git-svn-id: http://svn.automattic.com/wordpress/trunk@6500 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-mail.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/wp-mail.php b/wp-mail.php
index 8ccdf03b6..7994babde 100644
--- a/wp-mail.php
+++ b/wp-mail.php
@@ -181,12 +181,12 @@ for ($i=1; $i <= $count; $i++) :
 
 	do_action('publish_phone', $post_ID);
 
-	echo "\n<p><b>Author:</b> $post_author</p>";
-	echo "\n<p><b>Posted title:</b> $post_title<br />";
-	echo "\n<b>Posted content:</b><br /><pre>".$content.'</pre></p>';
+	echo "\n<p><b>Author:</b> " . wp_specialchars($post_author) . "</p>";
+	echo "\n<p><b>Posted title:</b> " . sanitize_post_field('post_title', $post_title, $post_ID, 'display') . "<br />";
+	echo "\n<b>Posted content:</b><br /><pre>". sanitize_post_field('post_content', $post_content, $post_ID, 'display') . '</pre></p>';
 
 	if(!$pop3->delete($i)) {
-		echo '<p>Oops '.$pop3->ERROR.'</p></div>';
+		echo '<p>Oops '.wp_specialchars($pop3->ERROR).'</p></div>';
 		$pop3->reset();
 		exit;
 	} else {