goFrendiAsgard / No-CMS

No-CMS, A CodeIgniter Based CMS Framework
299 stars 199 forks

XSS filtering #114

Closed kampar closed 9 years ago

kampar commented 9 years ago

When I try playing around with the contact_us module, I think it will be good if there is some mechanism to filter out XSS or any dangerous HTML tag before inserting it (the $content) into the database.

This is my quick-and-dirty change on line 69 of /modules/contact_us/controllers/contact_us.php:

// ENT_QUOTES also encodes single quotes (the default flags leave them alone); test payload: <script>while(1)alert(1);</script>
$data['content'] = htmlentities($content, ENT_QUOTES, 'UTF-8');
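To make the effect of that one-liner concrete, here is an added PHP example (not No-CMS project code, and not kampar's patch) that runs the escaping over the payload quoted in the issue plus a constructed attribute-context variant, and then shows the double-encoding that occurs when the same text is escaped again at render time. The function names and the sample inputs are assumptions made for this illustration.

```php
<?php
// Added example, not part of the No-CMS code base. Demonstrates what
// htmlentities() does to the contact_us payload and why escaping on input
// and again on output double-encodes the stored text.
declare(strict_types=1);

/**
 * Escape untrusted text for an HTML body or quoted-attribute context.
 * ENT_QUOTES also converts single quotes (ENT_COMPAT, the pre-PHP 8.1
 * default, does not), ENT_SUBSTITUTE replaces invalid UTF-8 sequences
 * instead of returning an empty string, and an explicit charset avoids
 * relying on the ini default.
 */
function escape_for_html(string $untrusted): string
{
    return htmlentities($untrusted, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Simulate a view that escapes whatever it renders. If the controller
 * already escaped the text before storing it, the stored entities are
 * escaped a second time ("&lt;" becomes "&amp;lt;").
 */
function render_escaped_again(string $stored): string
{
    return htmlentities($stored, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Same view, but told not to re-encode existing entities. This is the
 * usual way to avoid the double-encoding when input was pre-escaped.
 */
function render_without_double_encoding(string $stored): string
{
    return htmlentities($stored, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
}

// Constructed samples: the script tag from the issue and an attribute-
// context payload that relies on an unescaped single quote.
$samples = [
    '<script>while(1)alert(1);</script>',
    "' onmouseover='alert(1)",
];

foreach ($samples as $content) {
    $stored = escape_for_html($content);           // what line 69 would store
    printf("raw:           %s\n", $content);
    printf("stored:        %s\n", $stored);
    printf("view (double): %s\n", render_escaped_again($stored));
    printf("view (once):   %s\n\n", render_without_double_encoding($stored));
}
```

Running it shows the script payload stored as `&lt;script&gt;while(1)alert(1);&lt;/script&gt;` and the single quote as `&#039;`, so neither breaks out of a body or quoted-attribute context. The double-encoding output is the practical caveat of escaping at insert time: every view that later prints the message must either trust the stored text as already escaped or pass `double_encode = false`, otherwise visitors see literal `&lt;` in the rendered page.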
goFrendiAsgard commented 9 years ago

Thank you. Gonna merge it soon