Encode the < > to stop text from acting as HTML.

git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@7168 7612ce4b-ef26-0410-bec9-ea0150e637f0

diff --git a/src/left_main.php b/src/left_main.php
index 24d9e4a0b66bdae02216a6dfd8491482f0777735..dadad1d0a061f9234ea3988d094a4d3e6e474826 100644 (file)
--- a/src/left_main.php
+++ b/src/left_main.php
@@ -77,7 +77,7 @@ function formatMailboxName($imapConnection, $box_array) {
     if ( $mailbox == 'INBOX' ) {
         $line .= _("INBOX");
     } else {
-        $line .= str_replace(' ',' ',$mailbox);
+        $line .= str_replace(array(' ','<','>'),array('&nbsp;','&lt;','&gt;'),$mailbox);
     }
     if ($special_color == TRUE)
         $line .= '</font>';
@@ -434,7 +434,7 @@ function ListBoxes ($boxes, $j=0 ) {
     $end .= '</nobr>';
 
     if (!$boxes->is_root) {
-        echo "" . $pre .$font. $boxes->mailboxname_sub .$fontend . $end. '<br />' . "\n";
+        echo "" . $pre .$font. $line .= str_replace(array(' ','<','>'),array('&nbsp;','&lt;','&gt;'),$boxes->mailboxname_sub) .$fontend . $end. '<br />' . "\n";
         $j++;
     }
 
@@ -561,7 +561,7 @@ function ListAdvancedBoxes ($boxes, $mbx, $j='ID.0000' ) {
         }
         if (!isset($boxes->mbxs[0])) {
             echo '   ' . html_tag( 'div',
-                            '<tt>'. $pre . $folder_img . '</tt>'. $boxes->mailboxname_sub . $end,
+                            '<tt>'. $pre . $folder_img . '</tt>'. $line .= str_replace(array(' ','<','>'),array('&nbsp;','&lt;','&gt;'),$boxes->mailboxname_sub) . $end,
                             'left', '', 'class="mbx_sub" id="' .$j. '"' ) . "\n";
         } else {
             /* get collapse information */