Sometimes I have used Edit on other comments to view the source code of the comment; removing is not too bad since the browser view-source function can be used instead; but still, that was convenient.
Also, you should fix it (if not done already) so that everywhere the PHP code fills textareas from data in the database, it should use htmlspecialchars.
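What that recommendation looks like in PHP, as an added example that is not the site's own code; the function names and the sample stored comment are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Unsafe: stored text is copied into the page as-is, so a "</textarea>" inside
// the stored comment ends the element and the rest is parsed as page markup.
function textarea_raw(string $name, string $stored): string
{
    return '<textarea name="' . $name . '">' . $stored . '</textarea>';
}

// Safe: escape at output time. The browser decodes the entities again inside
// the textarea, so the user still sees and edits the original source text.
function textarea_escaped(string $name, string $stored): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    return '<textarea name="' . htmlspecialchars($name, $flags, 'UTF-8') . '">'
        . "\n" // the HTML parser drops one newline right after the start tag
        . htmlspecialchars($stored, $flags, 'UTF-8')
        . '</textarea>';
}

// Constructed sample standing in for a comment row read from the database.
$stored = "Plain text & a tag: </textarea><b>outside the box</b>";

echo textarea_raw('comment', $stored), "\n\n";
echo textarea_escaped('comment', $stored), "\n";

// The escaped form no longer carries the stored closing tag as markup.
assert(strpos(textarea_escaped('comment', $stored), '</textarea><b>') === false);

// Decoding gives back the original text, so nothing is lost for editing.
$encoded = htmlspecialchars($stored, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
assert(htmlspecialchars_decode($encoded, ENT_QUOTES) === $stored);
```

The value stays unescaped in the database; escaping is applied only where it is written into HTML, which is why every place that fills a textarea needs the call.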