Fixed a possible XSS attack flaw

modules/invite/tab1.tpl

@@ -71,10 +71,10 @@
 			<tr class="{if $smarty.section.friends.index % 2}item{else}alternate_item{/if}">
 				<td class="align_right">{$smarty.section.friends.iteration}</td>
 				{if $askName}
-				<td><input type="text" class="text firstname" name="friendsFirstname[{$smarty.section.friends.index}]" size="20" value="{if isset($smarty.post.friendsFirstname[$smarty.section.friends.index])}{$smarty.post.friendsFirstname[$smarty.section.friends.index]}{/if}" /></td>
-				<td><input type="text" class="text lastname" name="friendsFLastname[{$smarty.section.friends.index}]" size="20" value="{if isset($smarty.post.friendsFLastname[$smarty.section.friends.index])}{$smarty.post.friendsFLastname[$smarty.section.friends.index]}{/if}" /></td>
+				<td><input type="text" class="text firstname" name="friendsFirstname[{$smarty.section.friends.index}]" size="20" value="{if isset($smarty.post.friendsFirstname[$smarty.section.friends.index])}{$smarty.post.friendsFirstname[$smarty.section.friends.index]|escape:'htmlall':'utf-8'}{/if}" /></td>
+				<td><input type="text" class="text lastname" name="friendsFLastname[{$smarty.section.friends.index}]" size="20" value="{if isset($smarty.post.friendsFLastname[$smarty.section.friends.index])}{$smarty.post.friendsFLastname[$smarty.section.friends.index]|escape:'htmlall':'utf-8'}{/if}" /></td>
 				{/if}
-				<td><input type="text" class="text email" name="friendsEmail[{$smarty.section.friends.index}]" size="20" value="{if isset($smarty.post.friendsEmail[$smarty.section.friends.index])}{$smarty.post.friendsEmail[$smarty.section.friends.index]}{/if}" /></td>
+				<td><input type="text" class="text email" name="friendsEmail[{$smarty.section.friends.index}]" size="20" value="{if isset($smarty.post.friendsEmail[$smarty.section.friends.index])}{$smarty.post.friendsEmail[$smarty.section.friends.index]|escape:'htmlall':'utf-8'}{/if}" /></td>
 			</tr>
 			{/section}
 		</tbody>