From 191e1d8c176796f5843c208cab6f78717fbc7965 Mon Sep 17 00:00:00 2001
From: Janne Koschinski <janne@kuschku.de>
Date: Mon, 17 Oct 2016 02:22:06 +0200
Subject: [PATCH] Escape normal messages, too

---
 backend/Database.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/Database.php b/backend/Database.php
index b3fb696..f30d30b 100644
--- a/backend/Database.php
+++ b/backend/Database.php
@@ -87,7 +87,7 @@ class Backend {
                    sender.sender,
                    backlog.time,
                    network.networkname,
-                   backlog.message
+                   replace(replace(backlog.message, '<', '&lt;'), '>', '&gt;')
             FROM backlog
             JOIN sender ON backlog.senderid = sender.senderid
             JOIN buffer ON backlog.bufferid = buffer.bufferid
@@ -105,7 +105,7 @@ class Backend {
                    sender.sender,
                    backlog.time,
                    network.networkname,
-                   backlog.message
+                   replace(replace(backlog.message, '<', '&lt;'), '>', '&gt;')
             FROM backlog
             JOIN sender ON backlog.senderid = sender.senderid
             JOIN buffer ON backlog.bufferid = buffer.bufferid
-- 
GitLab