AKKAR

Line 647 in lang/eng.php reads:
$LANG['MESSAGE']['contact_admin'] = "Please contact the <a
href=\"mailto:".$config['akkar_admin_email']."\">administrator</a>.";

This is not a very good way to do it, as the admin email address then can
be harvested by spammers, since this string shows up in error messages from
the public submission forms. Instead, the link should be hidden in a
script:

$LANG['MESSAGE']['contact_admin'] = "Please contact the <a
href=\"mailto.php?".strtr($config['akkar_admin_email'],'@','=')."\">adminis
trator</a>.";