Quotes within HTML tags not escaped

[vanyel]

Hi all,

I believe the bug I'm having with Pligg 8.2 is that quotes within allowed HTML tags are not being escaped. This causes a problem when attempting to submit a story with quotes within <embed><object><param> tags like so:

Quote:

<a title="submit 'testing dance thing' to del.icio.us" href="http://del.icio.us/post" onclick="window.open('http://del.icio.us/post?v=4&amp;noui&amp;jump=close&amp;url=http%3A%2 F%2Fwww.youtube.com%2Fwatch%3Fv%3Dt8RQqd9saDk&amp; title=testing+dance+thing', 'del.icio.us','toolbar=no,width=700,height=400'); return false;"><img src="http://www.betterdance.com/templates/mollio-beat/images/delicious.png" border="0" alt="submit 'testing dance thing' to del.icio.us" /></a>
&nbsp;&nbsp; <a title="submit 'testing dance thing' to digg" href="http://digg.com/submit?phase=2&amp;url=http%3A%2F%2Fwww.youtube.co m%2Fwatch%3Fv%3Dt8RQqd9saDk&amp;title=testing dance thing&amp;bodytext=<object width="425"

Posting is fine when I just have quotes in the body of a story, with no HTML tags.


What's the best fix for this?

[athle]

that's a problem. hope some one can help