From 7986670917feb1dfc42c12660589801a89d428bf Mon Sep 17 00:00:00 2001
From: Aleksei Miheev <aleksei@miheev.info>
Date: Sun, 5 Jan 2014 13:30:45 +0000
Subject: [PATCH] Escape posts titles in post history code

---
 Sources/Post.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Sources/Post.php b/Sources/Post.php
index 6b08140..69f7194 100644
--- a/Sources/Post.php
+++ b/Sources/Post.php
@@ -1265,7 +1265,7 @@ function Post2()
 				'{$_REQUEST['msg']}',
 				'{$context['user']['id']}',
 				UNIX_TIMESTAMP(),
-				'{$oldSubject}',
+				'".mysql_real_escape_string($oldSubject)."',
 				'{$oldBody}'
 				)", __FILE__, __LINE__);