Index: openacs-4/packages/xowiki/tcl/weblog-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/xowiki/tcl/weblog-procs.tcl,v
diff -u -N -r1.66 -r1.67
--- openacs-4/packages/xowiki/tcl/weblog-procs.tcl 11 May 2015 11:12:20 -0000 1.66
+++ openacs-4/packages/xowiki/tcl/weblog-procs.tcl 12 Jun 2015 09:05:29 -0000 1.67
@@ -65,8 +65,15 @@
 # set up filters
 set extra_from_clause ""
 set extra_where_clause ""
-
+
 if {$date ne ""} {
+ if {[regexp {['\"<>]} $date]} {
+ ns_log Warning "ignoring invalid date '$date'"
+ set date ""
+ set query [::xo::update_query $query date ""]
+ }
+ }
+ if {$date ne ""} {
 #set date_clause "and date_trunc('day',bt.publish_date) = '$date'"
 set date_clause "and [::xo::dc date_trunc_expression day bt.publish_date :date]"
 set filter_msg "Filtered by date $date"
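Review bot: The new guard `regexp {['\"<>]} $date` is a denylist, so any value without those four characters still counts as a date and flows into `filter_msg` and the `:date` bind variable. The bind variable keeps it out of the SQL text, but a non-date string can still fail in the database comparison, and `filter_msg` is presumably rendered later, outside this hunk. An allowlist on the expected format is tighter and self-documenting; if the filter only ever receives ISO dates (not confirmed by the visible lines), the test could be `if {![regexp {^\d{4}-\d{2}-\d{2}$} $date]} {`. The rejected value is also written verbatim to the log by `ns_log Warning "ignoring invalid date '$date'"`, so consider truncating it or stripping control characters first. The enclosing proc starts and ends outside the hunk.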