From 713811353c0347886565eb60f239abb8ca8bcec3 Mon Sep 17 00:00:00 2001
From: Len Kranendonk
Date: Fri, 21 Feb 2003 14:03:06 +0000
Subject: [PATCH] fixed possible security problem.
---
 lib/WebGUI/Wobject/MailForm.pm | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/lib/WebGUI/Wobject/MailForm.pm b/lib/WebGUI/Wobject/MailForm.pm
index 33e03fd8f..57e27880d 100755
--- a/lib/WebGUI/Wobject/MailForm.pm
+++ b/lib/WebGUI/Wobject/MailForm.pm
@@ -358,6 +358,8 @@ sub _createField {
 my $name = WebGUI::URL::urlize($data->{name});
 my $f = WebGUI::HTMLForm->new( 'noTable' );
+ $session{form}{$name} =~ s/\^.*?\;//gs ; # remove macro's from user input
+ SWITCH: for ($data->{type}) {
 /^text$/ && do {
 $f->text(
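Review bot: The added substitution in `_createField` deletes every span from a `^` to the next `;` in `$session{form}{$name}`, so it also drops ordinary user text such as `2^3; then` and rewrites shared session state as a side effect of drawing a field. It only covers the one key being rendered here; any other code that reads `$session{form}` without going through this call would still see the raw value, which cannot be checked from this hunk (the sub's body continues past it). Consider neutralising the caret instead of deleting text, and skipping unset fields, e.g. `$session{form}{$name} =~ s/\^/&#94;/g if defined $session{form}{$name};`, provided the form helper does not re-escape `&`. Ideally this would be done once where form input is read rather than per widget, with a comment stating which macro syntax is being neutralised.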