X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=functions%2Faddressbook.php;h=7a616cfcfb4fb8f12e437fb3d0b602304b21666a;hb=79ba18dc89b1b096ecdf0b77169d57e0caf661db;hp=1e3d3f6118ec8fe000608a250a9e45747154a407;hpb=1977ab5587905d225c6288141b82f7a6e3d29d02;p=squirrelmail.git
diff --git a/functions/addressbook.php b/functions/addressbook.php
index 1e3d3f61..7a616cfc 100644
--- a/functions/addressbook.php
+++ b/functions/addressbook.php
@@ -4,7 +4,7 @@
 *
 * Functions require SM_PATH and support of forms.php functions
 *
- * @copyright 1999-2010 The SquirrelMail Project Team
+ * @copyright 1999-2013 The SquirrelMail Project Team
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
 * @version $Id$
 * @package squirrelmail
@@ -162,7 +162,7 @@ function addressbook_init($showerr = true, $onlylocal = false) {
 * display address book init errors.
 */
 if ($abook_init_error!='' && $showerr) {
- error_box(nl2br(htmlspecialchars($abook_init_error)));
+ error_box(nl2br(sm_encode_html_special_chars($abook_init_error)));
 }
 /* Return the initialized object */
@@ -414,7 +414,7 @@ class AddressBook {
 *
 * Extra field can be used to add link to form, which allows
 * to modify all fields supported by backend. This is the only field
- * that is not sanitized with htmlspecialchars. Backends MUST make
+ * that is not sanitized with sm_encode_html_special_chars. Backends MUST make
 * sure that field data is sanitized and displayed correctly inside
 * table cell. Use of html formating in other address book fields is
 * not allowed. Backends that don't return 'extra' row in address book
@@ -515,8 +515,7 @@ class AddressBook {
 * @return string email address with real name prepended
 */
 function full_address($row) {
- global $data_dir, $username;
- $addrsrch_fullname = getPref($data_dir, $username, 'addrsrch_fullname');
+ global $data_dir, $username, $addrsrch_fullname;
 // allow multiple addresses in one row (poor person's grouping - bah)
 // (separate with commas)
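Review bot: In the `full_address()` hunk (@@ -515,8 +515,7) the display preference is no longer read with `getPref()` but taken from a global `$addrsrch_fullname` that nothing visible in this diff sets, so the function's output now depends on every caller having loaded preferences first. If the global is unset the variable is null and whichever branch the rest of the body treats as the default is taken silently; the body continues outside the hunk, so that branch is not visible here. A fallback such as `if (!isset($addrsrch_fullname)) $addrsrch_fullname = getPref($data_dir, $username, 'addrsrch_fullname');` keeps the old behaviour for callers that skip preference loading. The docblock should also say where the global is expected to be populated.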
@@ -958,7 +957,7 @@ class addressbook_backend {
 * not found, or false if an error occured.
 *
 */
- function lookup($value, $field) {
+ function lookup($value, $field=SM_ABOOK_FIELD_NICKNAME) {
 $this->set_error('lookup is not implemented');
 return false;
 }
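Review bot: Giving `$field` a default in the base `addressbook_backend::lookup()` changes the signature that backend subclasses are expected to match. An override still declared as `lookup($value, $field)` makes the second argument mandatory again, which PHP reports as an incompatible declaration (a notice or warning on older versions, a fatal error on PHP 8). The subclasses are not part of this diff, so each backend's `lookup()` should be checked and given the same `$field=SM_ABOOK_FIELD_NICKNAME` default. The docblock, which starts outside the hunk, should also state the default for `$field`.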