- echo '<tr' . (($line % 2) ? " bgcolor=\"$color[0]\"" : '') .
- ' nowrap><td valign=top nowrap align=center width="5%">' .
- '<small><a href="javascript:to_address(' .
- "'" . $row['email'] . "');\">To</A> | " .
- '<a href="javascript:cc_address(' .
- "'" . $row["email'] . "');\">Cc</A> | " .
- '<a href="javascript:bcc_address(' .
- "'" . $row["email'] . "');\">Bcc</A></small>" .
- '<td nowrap valign=top> ' .
- $row['name'] . ' <td nowrap valign=top>' .
- ' <a href="javascript:to_and_close(' .
- "'" . $row["email'] . "');\">" . $row["email'] . '</A> ' .
- '<td valign=top> ' . $row['label'] . ' ';
+ $email = htmlspecialchars(addcslashes(AddressBook::full_address($row), "'"), ENT_QUOTES);
+ if ($line % 2) {
+ $tr_bgcolor = $color[12];
+ } else {
+ $tr_bgcolor = $color[4];
+ }
+ echo html_tag( 'tr', '', '', $tr_bgcolor, 'style="white-space: nowrap;"' ) .
+ html_tag( 'td',
+ '<small><a href="javascript:to_address(' .
+ "'" . $email . "');\">"._("To")."</a> | " .
+ '<a href="javascript:cc_address(' .
+ "'" . $email . "');\">"._("Cc")."</a> | " .
+ '<a href="javascript:bcc_address(' .
+ "'" . $email . "');\">"._("Bcc")."</a></small>",
+ 'center', '', 'valign="top" width="5%" style="white-space: nowrap;"' ) .
+ html_tag( 'td', ' ' . htmlspecialchars($row['name']), 'left', '', 'valign="top" style="white-space: nowrap;"' ) .
+ html_tag( 'td', ' ' .
+ '<a href="javascript:to_and_close(' .
+ "'" . $email . "');\">" . htmlspecialchars($row['email']) . '</a>'
+ , 'left', '', 'valign="top"' ) .
+ html_tag( 'td', htmlspecialchars($row['label']), 'left', '', 'valign="top" style="white-space: nowrap;"' );