--- writeback.orig	2003-07-02 02:00:12.000000000 +0900
+++ writeback	2003-07-02 02:00:31.000000000 +0900
@@ -163,7 +163,14 @@
 
   if ( $fh->open("$writeback_dir$path/$filename.$file_extension") ) {
     foreach my $line (<$fh>) {
-      $line =~ /^(.+?):(.*)$/ and $param{$1} = $2;
+      $line =~ /^(.+?):(.*)$/;
+      my $wb_key = $1;
+      my $wb_value = $2;
+      $wb_value =~ s/&/&amp;/g;
+      $wb_value =~ s/\"/&quot;/g;
+      $wb_value =~ s/</&lt;/g;
+      $wb_value =~ s/>/&gt;/g;
+      $param{$wb_key} = $wb_value;
       if ( $line =~ /^-----$/ ) {
 
         my $writeback = &$blosxom::template($path,'writeback',$blosxom::flavour) || '<p><b>Name/Blog:</b> $writeback::name$writeback::blog_name<br /><b>URL:</b> $writeback::url<br /><b>Title:</b> $writeback::title<br /><b>Comment/Excerpt:</b> $writeback::comment$writeback::excerpt</p>';