From 6ef592823f1e110455db80b1a29d22d21f411fa4 Mon Sep 17 00:00:00 2001
From: phixxy <bottlecap@protonmail.com>
Date: Sun, 21 Jan 2024 02:49:52 -0800
Subject: [PATCH] sanitize inputs

---
 extensions/phixxycom.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/extensions/phixxycom.py b/extensions/phixxycom.py
index 48a3956..c5a39e2 100644
--- a/extensions/phixxycom.py
+++ b/extensions/phixxycom.py
@@ -2,7 +2,7 @@ import os
 import io
 import base64
 import time
-import json
+import html
 import asyncssh
 from PIL import Image, PngImagePlugin
 from discord.ext import commands, tasks
@@ -36,7 +36,7 @@ class PhixxyCom(commands.Cog):
                 if filename in line:
                     prompt = line[line.index("Prompt: ") + 7:line.index("Filename: ")]
                     prompt = ''.join(prompt.rsplit(',', 1)) # Remove the last comma
-                    return prompt
+                    return html.escape(prompt)
         return "Unknown Prompt"
 
     async def upload_sftp(self, local_filename, server_folder, server_filename):