diff --git a/webbuild/webbuild-cgi b/webbuild/webbuild-cgi
index 7829fde..360addb 100755
--- a/webbuild/webbuild-cgi
+++ b/webbuild/webbuild-cgi
@@ -980,8 +980,7 @@ if [ "$REQUEST" = "changespec" ]; then
REQUEST="edit";
fi
elif [ "$REQUEST" = "broadcastmessage" ]; then
- BROADCASTMESSAGE=`echo $BROADCASTMESSAGE | sed "s|<|\<|g"`
- social_log "SUSER=$USER STYPE=broadcastmessage SEMAIL=$USER_EMAIL STEXT=\"said:"$BROADCASTMESSAGE"\" STIME=`date +%s`"
+ social_log "SUSER=$USER STYPE=broadcastmessage SEMAIL=$USER_EMAIL STEXT=\"said:"`var2html BROADCASTMESSAGE`"\" STIME=`date +%s`"
REQUEST=
fi
diff --git a/webbuild/webbuild-functions b/webbuild/webbuild-functions
index 335b204..ca41d33 100644
--- a/webbuild/webbuild-functions
+++ b/webbuild/webbuild-functions
@@ -179,6 +179,20 @@ function cgi_getvars()
return
}
+function var2html()
+{
+ eval r=\$$1
+ r="${r//\&/&}"
+ r="${r//\}"
+ r="${r//\\/\}"
+ r="${r//\"/"}"
+ r="${r//\$/$}"
+ r="${r//\`/`}"
+ r="${r//\*/*}"
+ echo "${r}"
+}
+
function kill_tree() {
local killpid=$1