diff --git a/test/AllTests.php b/test/AllTests.php
index 97c30da2a..c33bc38aa 100644
--- a/test/AllTests.php
+++ b/test/AllTests.php
@@ -19,6 +19,7 @@ require_once 'PHPUnit/Framework.php';
 require_once 'PHPUnit/TextUI/TestRunner.php';
 require_once './test/FailTest.php';
 require_once './test/PMA_get_real_size_test.php';
+require_once './test/PMA_sanitize_test.php';
 
 class AllTests
 {
@@ -33,6 +34,7 @@ class AllTests
 
         //$suite->addTestSuite('FailTest');
         $suite->addTestSuite('PMA_get_real_size_test');
+        $suite->addTestSuite('PMA_sanitize_test');
 
         return $suite;
     }
diff --git a/test/PMA_sanitize_test.php b/test/PMA_sanitize_test.php
new file mode 100644
index 000000000..126bd57af
--- /dev/null
+++ b/test/PMA_sanitize_test.php
@@ -0,0 +1,41 @@
+<?php
+/**
+ * tests for PMA_sanitize()
+ *
+ * @version $Id: $
+ * @package phpMyAdmin-test
+ */
+
+/**
+ *
+ */
+require_once 'PHPUnit/Framework.php';
+require_once './libraries/sanitizing.lib.php';
+
+class PMA_sanitize_test extends PHPUnit_Framework_TestCase
+{
+    public function testXssInHref()
+    {
+        $this->assertEquals('<a href="" target="target">link</a>',
+            PMA_sanitize('[a@javascript:alert(\'XSS\');@target]link[/a]'));
+    }
+
+    public function testLink()
+    {
+        $this->assertEquals('<a href="http://www.phpmyadmin.net/" target="target">link</a>',
+            PMA_sanitize('[a@http://www.phpmyadmin.net/@target]link[/a]'));
+    }
+
+    public function testHtmlTags()
+    {
+        $this->assertEquals('&lt;div onclick=""&gt;',
+            PMA_sanitize('<div onclick="">'));
+    }
+
+    public function testBbcoe()
+    {
+        $this->assertEquals('<strong>strong</strong>',
+            PMA_sanitize('[b]strong[/b]'));
+    }
+}
+?>
\ No newline at end of file