From 652d170af292e4ebdc115f3ac348a7b65eb8cb7b Mon Sep 17 00:00:00 2001
From: Alex King <alexkingorg@git.wordpress.org>
Date: Tue, 9 Dec 2003 17:16:28 +0000
Subject: [PATCH] added htmlspecialchars to outputing comment author name,
 added 'Anonymous' as a default if no name provided

git-svn-id: https://develop.svn.wordpress.org/trunk@595 602fd350-edb4-49c9-b593-d223f7449a82
---
 b2-include/b2template.functions.php | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/b2-include/b2template.functions.php b/b2-include/b2template.functions.php
index b40163bbaf..a90e339630 100644
--- a/b2-include/b2template.functions.php
+++ b/b2-include/b2template.functions.php
@@ -1496,7 +1496,12 @@ function comment_ID() {
 
 function comment_author() {
 	global $comment;
-	echo stripslashes($comment->comment_author);
+	if (!empty($comment->comment_author)) {
+		echo htmlspecialchars(stripslashes($comment->comment_author));
+	}
+	else {
+		echo "Anonymous";
+	}
 }
 
 function comment_author_email() {
@@ -1508,7 +1513,10 @@ function comment_author_link() {
 	global $comment;
 	$url = trim(stripslashes($comment->comment_author_url));
 	$email = stripslashes($comment->comment_author_email);
-	$author = stripslashes($comment->comment_author);
+	$author = htmlspecialchars(stripslashes($comment->comment_author));
+	if (empty($author)) {
+		$author = "Anonymous";
+	}
 
 	$url = str_replace('http://url', '', $url);
 
@@ -1619,7 +1627,12 @@ function comments_rss_link($link_text='Comments RSS', $commentsrssfilename = 'wp
 
 function comment_author_rss() {
 	global $comment;
-	echo strip_tags(stripslashes($comment->comment_author));
+	if (!empty($comment->comment_author)) {
+		echo htmlspecialchars(strip_tags(stripslashes($comment->comment_author)));
+	}
+	else {
+		echo "Anonymous";
+	}
 }
 
 function comment_text_rss() {