?> <form method="post" action="<?PHP echo $form_action?>">
<input type="hidden" name="mailbox" value="<?PHP echo htmlspecialchars($mailbox) ?>" />
<input type="hidden" name="spamcop_is_composing" value="<?PHP echo htmlspecialchars($passed_id) ?>" />
- <input type="hidden" name="send_to" value="<?PHP echo $report_email?>" />
+ <input type="hidden" name="send_to" value="<?PHP echo htmlspecialchars($report_email)?>" />
<input type="hidden" name="subject" value="reply anyway" />
<input type="hidden" name="identity" value="0" />
<input type="hidden" name="session" value="<?PHP echo $session?>" />
} ?>
<input type="hidden" name="action" value="submit" />
<input type="hidden" name="oldverbose" value="1" />
- <input type="hidden" name="code" value="<?PHP echo $spamcop_id ?>" />
+ <input type="hidden" name="code" value="<?PHP echo htmlspecialchars($spamcop_id) ?>" />
<input type="hidden" name="spam" value="<?PHP echo htmlspecialchars($spam_message); ?>" />
<?php
echo '<input type="submit" name="x1" value="' . _("Send Spam Report") . "\" />\n";