diff --git a/checkin_notes b/checkin_notes
index 7c9054f300..bc304fb753 100644
--- a/checkin_notes
+++ b/checkin_notes
@@ -11177,8 +11177,8 @@ David 16 Nov 2007
David 16 Nov 2007
- manager: compile fix
- clientgui/
- BOINCTaskBar.cpp
+ clientgui/
+ BOINCTaskBar.cpp
Rytis 17 Nov 2007
- user web: add "Powered by BOINC" logo to the repository and update
@@ -11188,3 +11188,15 @@ Rytis 17 Nov 2007
img/
pb_boinc.gif
sample_index.php
+
+David 17 Nov 2007
+ - user web: bug fix in moderation email send (fixes #485)
+ - BOINC-wide teams: HTML-escape user-supplied text (fixes #487)
+
+ html/
+ ops/
+ team_import.php
+ team_export.php
+ user/
+ forum_moderator_post_action.php
+
diff --git a/doc/index.php b/doc/index.php
index a4e6f3ceb4..c0ad20a822 100644
--- a/doc/index.php
+++ b/doc/index.php
@@ -1,4 +1,15 @@
email_addr);
fwrite($f,
"
- $team->name
- $team->url
+ ".htmlspecialchars($team->name)."
+ ".htmlspecialchars($team->url)."
$team->type
- $team->name_html
+ ".htmlspecialchars($team->name_html)."
-$team->description
+".htmlspecialchars($team->description)."
$team->country
$team->id
$user_email_munged
- $user->name
- $user->country
- $user->postal_code
- $user->url
+ ".htmlspecialchars($user->name)."
+ ".htmlspecialchars($user->country)."
+ ".htmlspecialchars($user->postal_code)."
+ ".htmlspecialchars($user->url)."
"
);
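Review bot: The new `htmlspecialchars()` calls on the `$team->name`, `$team->url`, `$team->name_html`, `$team->description` and `$user->*` lines use the default quote style, which leaves single quotes unescaped and declares no charset; for a record that `team_import.php` will later decode, the safer form on every field is `htmlspecialchars($team->name, ENT_QUOTES, 'UTF-8')`, with the same `ENT_QUOTES` passed to `htmlspecialchars_decode()` on the import side so `&#039;` round-trips. `$team->type`, `$team->country` and `$user_email_munged` are still written unescaped; unless those values are known to come from a fixed vocabulary rather than from user input they should go through the same call. The `fwrite()` call and its enclosing function begin before the hunk. The hunk content (a team-record export) also looks like it belongs to `team_export.php` as listed in the checkin notes rather than to `doc/index.php` as the file header says, so the patch may have been mislabelled when generated.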
diff --git a/html/ops/team_import.php b/html/ops/team_import.php
index 1314167a1f..0d9f9c8ff3 100755
--- a/html/ops/team_import.php
+++ b/html/ops/team_import.php
@@ -25,6 +25,14 @@ function lookup_team_seti_id($id) {
function parse_team($f) {
while ($s = fgets($f)) {
if (strstr($s, '')) {
+ $t->name = htmlspecialchars_decode($t->name);
+ $t->url = htmlspecialchars_decode($t->url);
+ $t->name_html = htmlspecialchars_decode($t->name_html);
+ $t->description = htmlspecialchars_decode($t->description);
+ $t->user_name = htmlspecialchars_decode($t->user_name);
+ $t->user_country = htmlspecialchars_decode($t->user_country);
+ $t->user_postal_code = htmlspecialchars_decode($t->user_postal_code);
+ $t->user_url = htmlspecialchars_decode($t->user_url);
return $t;
}
else if (strstr($s, '')) $t->name = parse_element($s, '');
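Review bot: The eight added `$t->… = htmlspecialchars_decode($t->…)` lines in `parse_team` dereference `$t`, but nothing between the function header and the `while` initialises it; `$t` only comes into existence through the first `$t->name = …` assignment further down, so a record whose end marker is seen before any field (or an empty stream) reaches these lines with `$t` undefined — a notice and auto-vivified object on old PHP, an `Error` on PHP 8. Initialise it explicitly before the loop, `$t = new StdClass();`, which also makes the `return $t` on the next line well-defined. The decode calls use the default quote style; if the export side escapes with `ENT_QUOTES`, pass the same flag here (`htmlspecialchars_decode($t->name, ENT_QUOTES)`) so single quotes are restored as well. The empty-string arguments shown to `strstr()` and `parse_element()` look like the tag names were lost when the page was rendered; if they are genuinely empty, `strstr($s, '')` does not do what the branch intends. The function body continues past the end of the hunk.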
diff --git a/html/user/forum_moderate_post_action.php b/html/user/forum_moderate_post_action.php
index e2e1879333..d338771690 100644
--- a/html/user/forum_moderate_post_action.php
+++ b/html/user/forum_moderate_post_action.php
@@ -100,9 +100,9 @@ default:
if ($result) {
if (post_str('reason', true)){
- send_moderation_email($post, "Category: ".$mod_category."\n".post_str("reason"), $action);
+ send_moderation_email($post, $thread, "Category: ".$mod_category."\n".post_str("reason"), $action);
} else {
- send_moderation_email($post, "Category: ".$mod_category."\n"."None given", $action);
+ send_moderation_email($post, $thread, "Category: ".$mod_category."\n"."None given", $action);
}
header('Location: forum_thread.php?id='.$thread->id);
} else {
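Review bot: Both changed `send_moderation_email()` calls build the same message and differ only in the reason text, and `post_str("reason")` is evaluated twice (once with the optional flag, once without); hoisting the reason removes the duplicate lookup and the duplicated call: `$reason = post_str('reason', true); if (!$reason) $reason = 'None given'; send_moderation_email($post, $thread, "Category: ".$mod_category."\n".$reason, $action);`. `$thread` is already in scope here (the context line uses `$thread->id`), but the signature change to `send_moderation_email()` is not on this page, so every other caller presumably needs the same extra argument. The reason is untrusted POST text; that is acceptable in a mail body as long as `send_moderation_email()` never places it in a header, which cannot be checked from this hunk. The enclosing `switch` branch starts before the hunk, and the checkin notes name this file as `forum_moderator_post_action.php` while the diff header says `forum_moderate_post_action.php`.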