avoid rather nasty potential XSS vulnerability

comments.php

@@ -97,8 +97,8 @@
 				$name 	= $user['userid'];
 			} else {
 
-				$name 	= trim(stripslashes(@$_POST['name']));
-				$email 	= isset($_POST['email'])? trim($_POST['email']) : null;
+				$name 	= trim(htmlspecialchars(@$_POST['name']));
+				$email 	= isset($_POST['email'])? trim(htmlspecialchars($_POST['email'])) : null;
 				$url 	= isset($_POST['url'])? trim(stripslashes(htmlspecialchars($_POST['url']))) : null;
 				
 				/*