From 2ee1b00c9c17f9ae299376a84d8055b0308864bf Mon Sep 17 00:00:00 2001
From: Mike Macgirvin <mike@macgirvin.com>
Date: Fri, 13 Aug 2010 05:59:59 -0700
Subject: [PATCH] missed escape on email receive

---
 mod/dfrn_notify.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 057dfcb422..03d96d27ea 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -68,6 +68,7 @@ function dfrn_notify_post(&$a) {
 		$msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
 		$msg['created'] = datetime_convert(notags(unxmlify('UTC','UTC',$base['sentdate'][0]['data'])));
 
+		dbesc_array($msg);
 
 		$r = q("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) 
 			. "`) VALUES ('" . implode("', '", array_values($msg)) . "')" );