Index: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	(revision 352)
+++ trunk/CHANGELOG	(revision 353)
@@ -11,9 +11,13 @@
 ! = Update/Change
 
 ------------------------------------- 2.6.4 -------------------------------------
+20-May-2006 Ryan Djurovich
+#	Fixed security issues related to #237
 19-May-2006 Ryan Djurovich
 #	Fixed problem in forgotten login form where email field is too short (#207)
 #	Fixed typo in forgotten login details email (#190)
+15-May-2006 Stefan Braunewell
+#	Fixed security issues (#237)
 03-May-2006 Stefan Braunewell
 #	Fixed problems with pre-2.6.0 modules in section list
 #	Fixed e-mail bug caused by From: headers in internal mail function calls
Index: trunk/wb/admin/preferences/details.php
===================================================================
--- trunk/wb/admin/preferences/details.php	(revision 352)
+++ trunk/wb/admin/preferences/details.php	(revision 353)
@@ -29,7 +29,7 @@
 $admin = new admin('Preferences');
 
 // Get entered values
-$display_name = $admin->add_slashes($admin->get_post('display_name'));
+$display_name = $wb->add_slashes(strip_tags($admin->get_post('display_name')));
 $language = $admin->get_post('language');
 $timezone = $admin->get_post('timezone')*60*60;
 $date_format = $admin->get_post('date_format');
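Review bot: The new line escapes through `$wb->add_slashes(...)` while the rest of this script works through the `$admin` object created by `$admin = new admin('Preferences');` two lines above; unless the admin bootstrap also defines `$wb` (not visible in this hunk), that is a method call on an undefined variable and the preferences form fails with a fatal error, so `$display_name = $admin->add_slashes(strip_tags($admin->get_post('display_name')));` matches the object actually in scope. `strip_tags()` only removes tag syntax and is not HTML output encoding; an attribute fragment such as `" onmouseover=` passes through it, so the stored display name still needs `htmlspecialchars()` wherever it is rendered. The fields below (`language`, `timezone`, `date_format`) remain unescaped request values; if they are interpolated into the same UPDATE further down the file they are the same class of issue. The statement run continues past the hunk.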
Index: trunk/wb/admin/preferences/email.php
===================================================================
--- trunk/wb/admin/preferences/email.php	(revision 352)
+++ trunk/wb/admin/preferences/email.php	(revision 353)
@@ -48,6 +48,8 @@
 	$admin->print_error($MESSAGE['USERS']['INVALID_EMAIL']);
 }
 
+$email = $wb->add_slashes($email);
+
 // Update the database
 $database = new database();
 $query = "UPDATE ".TABLE_PREFIX."users SET email = '$email' WHERE user_id = '".$admin->get_user_id()."'";
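Review bot: `$email = $wb->add_slashes($email);` references `$wb` in a script that otherwise uses `$admin` (`$admin->print_error(...)` and `$admin->get_user_id()` on the surrounding lines); if the admin bootstrap does not define `$wb`, this is a method call on null and the email update breaks, so `$email = $admin->add_slashes($email);` is the consistent choice. The escaped value is then concatenated directly into the UPDATE string on the last line; if `add_slashes` is an addslashes()-style helper (its body is not in this diff) it is not connection-charset aware, and the durable fix is the database layer's real-escape function or a prepared statement at the query build. The validation that sets `$email` and the `print_error` branch begin outside the hunk, so whether the invalid-email path stops execution before the UPDATE cannot be confirmed here.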
Index: trunk/wb/account/details.php
===================================================================
--- trunk/wb/account/details.php	(revision 352)
+++ trunk/wb/account/details.php	(revision 353)
@@ -29,7 +29,7 @@
 }
 
 // Get entered values
-$display_name = $wb->get_post('display_name');
+$display_name = $wb->add_slashes(strip_tags($wb->get_post('display_name')));
 $language = $wb->get_post('language');
 $timezone = $wb->get_post('timezone')*60*60;
 $date_format = $wb->get_post('date_format');
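Review bot: `strip_tags()` on `display_name` narrows what gets stored but is not an output-context fix: a value like `" onmouseover=` contains no tag and survives it, so the stored name must still go through `htmlspecialchars()` at every render site. The escaping is also applied only to `display_name`; `$language`, `$timezone` and `$date_format` in the same statement run are taken from the request unescaped, and if they are interpolated into the UPDATE further down the file they carry the same injection risk the commit is fixing. Escaping at the query build rather than at input would also keep the plain value available if `$display_name` is echoed back to the user later in the script. The statement run continues past the hunk.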
Index: trunk/wb/account/email.php
===================================================================
--- trunk/wb/account/email.php	(revision 352)
+++ trunk/wb/account/email.php	(revision 353)
@@ -49,6 +49,8 @@
 	$wb->print_error($MESSAGE['USERS']['INVALID_EMAIL'], $js_back, false);
 }
 
+$email = $wb->add_slashes($email);
+
 // Update the database
 $database = new database();
 $query = "UPDATE ".TABLE_PREFIX."users SET email = '$email' WHERE user_id = '".$wb->get_user_id()."' AND password = '".md5($current_password)."'";
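Review bot: `$email = $wb->add_slashes($email);` closes the injection through the email column, but it escapes at input rather than at the query on the last line; if `$email` is echoed in a confirmation or error message after this point it now carries literal backslashes, so moving the escape into the query build (`SET email = '".$wb->add_slashes($email)."'`) keeps the plain value intact. If `add_slashes` wraps addslashes() (its body is not in this diff) it is not connection-charset aware, and the database layer's real-escape function or a prepared statement is the robust fix. The `md5($current_password)` term is safe to interpolate because md5() yields only hex characters, though comparing against an unsalted MD5 password hash is a separate weakness this commit does not address.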
