diff --git a/ecrire/controle_forum.php3 b/ecrire/controle_forum.php3
index e3ccd3b7dca9cb113f618c9f3d908877c88db885..07cc1e40f742eb19a94d1a3ef3f40cef09ae9c6b 100644
--- a/ecrire/controle_forum.php3
+++ b/ecrire/controle_forum.php3
@@ -67,7 +67,6 @@ debut_droite();
 
 
 function forum_parent($id_forum) {
-
 	$query_forum = "SELECT * FROM spip_forum WHERE id_forum=\"$id_forum\" AND statut != 'redac'";
  	$result_forum = spip_query($query_forum);
 
@@ -183,12 +182,12 @@ function controle_forum($request,$adresse_retour) {
 		$forum_id_article = $row['id_article'];
 		$forum_id_breve = $row['id_breve'];
 		$forum_date_heure = $row['date_heure'];
-		$forum_titre = $row['titre'];
-		$forum_texte = $row['texte'];
-		$forum_auteur = $row['auteur'];
-		$forum_email_auteur = $row['email_auteur'];
-		$forum_nom_site = $row['nom_site'];
-		$forum_url_site = $row['url_site'];
+		$forum_titre = echapper_tags($row['titre']);
+		$forum_texte = echapper_tags($row['texte']);
+		$forum_auteur = echapper_tags($row['auteur']);
+		$forum_email_auteur = echapper_tags($row['email_auteur']);
+		$forum_nom_site = echapper_tags($row['nom_site']);
+		$forum_url_site = echapper_tags($row['url_site']);
 		$forum_stat = $row['statut'];
 		$forum_ip = $row['ip'];
 		$forum_id_auteur = $row["id_auteur"];
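Review bot: The six fields wrapped in `echapper_tags()` are only protected against complete `<...>` pairs, so `$forum_url_site` and `$forum_email_auteur` stay unsafe if they are later written into an `href` or another attribute, where a double quote alone ends the attribute value. How these variables are printed is outside this hunk, so the rest of `controle_forum()` needs checking. For values that end up in attributes I would use `$forum_url_site = htmlspecialchars($row['url_site']);` (likewise for `email_auteur`) instead of `echapper_tags()`. The same applies to `$ad_email` and `$url_site` in the controle_petition.php3 hunk.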
diff --git a/ecrire/controle_petition.php3 b/ecrire/controle_petition.php3
index cf5eb5e2669e00374d1e74ef02def69e5778c242..8f7824b7ff0245eb05962e9fe25f036f57e035a8 100644
--- a/ecrire/controle_petition.php3
+++ b/ecrire/controle_petition.php3
@@ -56,11 +56,11 @@ function controle_forum($request,$adresse_retour) {
 		$id_signature = $row['id_signature'];
 		$id_article = $row['id_article'];
 		$date_time = $row['date_time'];
-		$nom_email= typo($row['nom_email']);
-		$ad_email = $row['ad_email'];
-		$nom_site = typo($row['nom_site']);
-		$url_site = $row['url_site'];
-		$message = propre($row['message']);
+		$nom_email= typo(echapper_tags($row['nom_email']));
+		$ad_email = echapper_tags($row['ad_email']);
+		$nom_site = typo(echapper_tags($row['nom_site']));
+		$url_site = echapper_tags($row['url_site']);
+		$message = propre(echapper_tags($row['message']));
 		$statut = $row['statut'];
 		
 		
diff --git a/ecrire/inc_filtres.php3 b/ecrire/inc_filtres.php3
index 75777e7b187c0659b323e1d5f3c9cb844badea00..f7d204c37fb6c5ae1abbb736eca84412d2a8982a 100644
--- a/ecrire/inc_filtres.php3
+++ b/ecrire/inc_filtres.php3
@@ -34,6 +34,12 @@ function supprimer_tags($texte, $rempl = "") {
 	return $texte;
 }
 
+// Convertit les <...> en la version lisible en HTML
+function echapper_tags($texte, $rempl = "") {
+	$texte = ereg_replace("<([^>]*)>", "&lt;\\1&gt;", $texte);
+	return $texte;
+}
+
 // Convertit un texte HTML en texte brut
 function textebrut($texte) {
 	$texte = ereg_replace("[\n\r]+", " ", $texte);
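Review bot: `echapper_tags()` rewrites a `<` only when a closing `>` follows it, so an unterminated tag at the end of a field passes through unchanged, and browsers generally still parse such a tag. Escaping each character on its own closes that gap, e.g. `$texte = str_replace("<", "&lt;", str_replace(">", "&gt;", $texte));`. `htmlspecialchars($texte)` would also cover `&` and `"`, but whether that disturbs the later `typo()`/`propre()` calls is not visible here. The `$rempl` parameter is never used (it looks carried over from `supprimer_tags()`) and could be dropped. The comment above the function should say that it only neutralises markup in element content and is not sufficient for attribute values.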