X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=src%2Fsearch.php;h=8c5532240f0300f19c5720d5d0dd4a2ad4bf21ab;hb=ccbe63bad9cfea0850e299e6be71eba5d76170d6;hp=fcdbf000442cc43b71f1e009f9405aee5498937a;hpb=cf6cb8b1a952371f88b84f6bf556efb8408a628e;p=squirrelmail.git

diff --git a/src/search.php b/src/search.php
index fcdbf000..8c553224 100644
--- a/src/search.php
+++ b/src/search.php
@@ -3,7 +3,7 @@
 /**
  * search.php
  *
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * $Id$
@@ -383,7 +383,7 @@ if ($recent_count > 0) {
             if (isset($attributes['search_what'][$i]) &&
                 !empty($attributes['search_what'][$i])) {
             echo html_tag( 'td', $attributes['search_folder'][$i], 'left', '', 'width="35%"' )
-               . html_tag( 'td', $attributes['search_what'][$i], 'left' )
+               . html_tag( 'td', htmlentities($attributes['search_what'][$i]), 'left' )
                . html_tag( 'td', $attributes['search_where'][$i], 'center' )
                . html_tag( 'td', '', 'right' )
                .   "<a href=search.php?count=$i&amp;submit=save>"
@@ -495,7 +495,7 @@ if ($search_all == 'all') {
     $boxcount = count($boxes);
     echo '<BR><CENTER><B>' .
          _("Search Results") .
-         "</B><CENTER><BR>\n";
+         "</B></CENTER><BR>\n";
     for ($x=0;$x<$boxcount;$x++) {
         if (!in_array('noselect', $boxes[$x]['flags'])) {
             $mailbox = $boxes[$x]['unformatted'];