Index: trunk/kernel/parser.php
===================================================================
diff -u -r715 -r717
--- trunk/kernel/parser.php	(.../parser.php)	(revision 715)
+++ trunk/kernel/parser.php	(.../parser.php)	(revision 717)
@@ -544,22 +544,29 @@
 */
 function m_form_textarea($attribs = array())
 {
-    global $FormValues;
-    $html_attribs = ExtraAttributes($attribs); 
-    $field = $attribs["_field"];
-    $form = $attribs["_form"];
-    if(isset($_POST[$field]))
-    {    
-      $value = stripslashes($_POST[$field]);
-    }
-    else
-        $value = stripslashes($FormValues[$attribs["_form"]][$field]);
-    $ret = "<TEXTAREA NAME=\"$field\" $html_attribs>$value</TEXTAREA>";
-    if($attribs["_required"])
-      $ret .= "<input type=hidden name=required[] VALUE=\"$field\" />";
-    if($attribs["_custom"])
-      $ret .= "<input type=hidden name=\"custom[]\" VALUE=\"$field\" />";
-    return $ret;
+	global $FormValues;
+	$html_attribs = ExtraAttributes($attribs);
+	$field = $attribs["_field"];
+	$form = $attribs["_form"];
+	if(isset($_POST[$field]))
+	{
+		$value = inp_htmlize($_POST[$field],1);
+	}
+	else
+	{
+		$value = inp_htmlize($FormValues[$attribs["_form"]][$field]);
+	}
+
+	$ret = "<TEXTAREA NAME=\"$field\" $html_attribs>$value</TEXTAREA>";
+	if($attribs["_required"])
+	{
+		$ret .= "<input type=hidden name=required[] VALUE=\"$field\" />";
+	}
+	if($attribs["_custom"])
+	{
+		$ret .= "<input type=hidden name=\"custom[]\" VALUE=\"$field\" />";
+	}
+	return $ret;
 }
 
 /*