From 060f1bcee653d785a86fcbdf8ebfd79ebb8c7172 Mon Sep 17 00:00:00 2001
From: Will Rossiter <will@silverstripe.com>
Date: Mon, 25 May 2009 04:38:29 +0000
Subject: [PATCH] BUGFIX: fixed #4119 by using htmlentities rather then Convert
 functions

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.3@77737 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 forms/TextareaField.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/forms/TextareaField.php b/forms/TextareaField.php
index 01d1d0467..3f68b8866 100755
--- a/forms/TextareaField.php
+++ b/forms/TextareaField.php
@@ -47,7 +47,7 @@ class TextareaField extends FormField {
 			return $this->createTag(
 				'span',
 				$attributes,
-				($this->value ? $this->value : '<i>(' . _t('FormField.NONE', 'none') . ')</i>')
+				(($this->value) ? htmlentities($this->value) : '<i>(' . _t('FormField.NONE', 'none') . ')</i>')
 			);
 		} else {
 			$attributes = array(
@@ -60,7 +60,7 @@ class TextareaField extends FormField {
 			
 			if($this->disabled) $attributes['disabled'] = 'disabled';
 			
-			return $this->createTag('textarea', $attributes, $this->value);
+			return $this->createTag('textarea', $attributes, htmlentities($this->value));
 		}
 	}