diff --git a/registerform.sh b/registerform.sh
index a595259..6a1fedf 100755
--- a/registerform.sh
+++ b/registerform.sh
@@ -5,6 +5,9 @@ sendcaptchashort() {
 	curl --silent -XPOST "$captchouliurl" -H "$HTTP_CONTENT_TYPE" -d "$1" > /dev/null
 }
 
+htmlspecialchars() {
+	echo "$1" | sed -e 's/&/,amp/g' -e 's/"/,quot/g' -e 's/</,lt/g' -e 's/>/,gt/g' | head -n 1 
+}
 
 registrationpage() {
 	echo "Content-type: text/html"
@@ -48,7 +51,7 @@ registrationpage() {
 
 # get post body from captchouli to check if its valid later
 data=$(cat)
-id=$(echo "$data" | cut -d '=' -f 2 | cut -d '&' -f 1)
+id=$(htmlspecialchars $(echo "$data" | cut -d '=' -f 2 | cut -d '&' -f 1))
 
 registrationpage
 # sends the captcha id to capthouli so it knows it was solved