X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fsearch.php;h=72482acb3cd7dd66257bc664d5fb757bf4f1009f;hb=b65c5db0af524fb167e8cd73feb572e7cf0af90b;hp=b8e4b6c8a727ff3a41b4ea5b7bef690866e3e6d2;hpb=99f3175e172314d8c23ee9892beb2619c1aface1;p=squirrelmail.git
diff --git a/src/search.php b/src/search.php
index b8e4b6c8..72482acb 100644
--- a/src/search.php
+++ b/src/search.php
@@ -14,10 +14,11 @@ define('SM_PATH','../');
/* SquirrelMail required files. */
require_once(SM_PATH . 'include/validate.php');
-require_once(SM_PATH . 'functions/imap.php');
+require_once(SM_PATH . 'functions/strings.php');
require_once(SM_PATH . 'functions/imap_asearch.php');
require_once(SM_PATH . 'functions/imap_mailbox.php');
-require_once(SM_PATH . 'functions/strings.php');
+require_once(SM_PATH . 'functions/imap_messages.php');
+require_once(SM_PATH . 'functions/mailbox_display.php'); //getButton()...
function asearch_unhtml_strcoll($a, $b)
{
@@ -357,7 +358,7 @@ function asearch_get_query_display($color, $mailbox_array, $biop_array, $unop_ar
if ($what_type == 'adate')
$what_display = asearch_get_date_display($what);
else
- $what_display = htmlspecialchars($what);
+ $what_display = htmlentities($what);
$what_display = ' ' . $what_display . '';
}
}
@@ -522,7 +523,7 @@ function asearch_print_form_row($imapConnection, $boxes, $mailbox, $biop, $unop,
$what_disp = str_replace('\\\\', '\\', $what_disp);
$what_disp = str_replace('\\"', '"', $what_disp);
$what_disp = str_replace('"', '"', $what_disp);*/
- $what_disp = htmlspecialchars($what, ENT_QUOTES);
+ $what_disp = htmlspecialchars($what);
echo html_tag('td', '', 'center') . "\n";
/* Exclude criteria */
@@ -554,7 +555,7 @@ function asearch_print_form($imapConnection, $boxes, $mailbox_array, $biop_array
$mailbox = $boxes[0]['unformatted'];
$biop = strip_tags(asearch_nz($biop_array[$row_num]));
$unop = strip_tags(asearch_nz($unop_array[$row_num]));
- $where = strip_tags(asearch_nz($where_array[$row_num]));
+ $where = asearch_nz($where_array[$row_num]);
$what = asearch_nz($what_array[$row_num]);
$exclude = strip_tags(asearch_nz($exclude_array[$row_num]));
asearch_print_form_row($imapConnection, $boxes, $mailbox, $biop, $unop, $where, $what, $exclude, $row_num);