diff --git a/src/webim/operator/update.php b/src/webim/operator/update.php
index 6ff7efc0..91abdc2e 100644
--- a/src/webim/operator/update.php
+++ b/src/webim/operator/update.php
@@ -49,9 +49,9 @@ function thread_to_xml($thread) {
$result .= " canopen=\"true\"";
$result .= " state=\"$state\">";
- $result .= "".htmlspecialchars(get_user_name($thread['userName']))."";
- $result .= "".htmlspecialchars($thread['remote'])."";
- $result .= "".htmlspecialchars($threadoperator)."";
+ $result .= "".htmlspecialchars(htmlspecialchars(get_user_name($thread['userName'])))."";
+ $result .= "".htmlspecialchars(htmlspecialchars($thread['remote']))."";
+ $result .= "".htmlspecialchars(htmlspecialchars($threadoperator))."";
$result .= "";
$result .= "".$thread['unix_timestamp(dtmmodified)']."000";
$result .= "";
diff --git a/src/webim/view/chat_ajaxed.php b/src/webim/view/chat_ajaxed.php
index 0e4b4f90..a614648e 100644
--- a/src/webim/view/chat_ajaxed.php
+++ b/src/webim/view/chat_ajaxed.php
@@ -87,7 +87,7 @@ var threadParams = { servl:"/webim/thread.php",frequency:2,
- ">
+ ">
|
|