projects / squirrelmail.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7af26ef)
replace htmlentities() with htmlspecialchars() since it is broken with non iso-8859...
authoralex-brainstorm <alex-brainstorm@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sun, 17 Aug 2003 15:21:08 +0000 (15:21 +0000)
committeralex-brainstorm <alex-brainstorm@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sun, 17 Aug 2003 15:21:08 +0000 (15:21 +0000)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@5509 7612ce4b-ef26-0410-bec9-ea0150e637f0

src/folders.php patch | blob | blame | history
src/search.php patch | blob | blame | history

diff --git a/src/folders.php b/src/folders.php
index aeedc2d05a1bf23c3a4904234fab0719ba4d7395..73aa9eced00f28c73d57b399fa7ba5cbe64275ff 100644 (file)
--- a/src/folders.php
+++ b/src/folders.php
@@ -265,7 +265,7 @@ if ($count_special_folders < count($boxes)) {
             ($boxes[$i]["unformatted"] != $draft_folder)) {
             $box = htmlspecialchars($boxes[$i]["unformatted-dm"]);
             $box2 = str_replace(' ', '&nbsp;',
-                                htmlentities(imap_utf7_decode_local($boxes[$i]["unformatted-disp"])));
+                                htmlspecialchars(imap_utf7_decode_local($boxes[$i]["unformatted-disp"])));
             echo "         <OPTION VALUE=\"$box\">$box2\n";
         }
     }
@@ -298,7 +298,7 @@ if(!$no_list_for_subscribe) {
     }
     if ($use_folder == true) {
         $box[$q] = htmlspecialchars($boxes_all[$i]['unformatted-dm']);
-        $box2[$q] = htmlentities(imap_utf7_decode_local($boxes_all[$i]['unformatted-disp']));
+        $box2[$q] = htmlspecialchars(imap_utf7_decode_local($boxes_all[$i]['unformatted-disp']));
         $q++;
     }
   }
diff --git a/src/search.php b/src/search.php
index cae89565db199d0463a9c13a521a81c1fac69f8c..14c425e2b3a5d05959679b0080623eb88287ec09 100644 (file)
--- a/src/search.php
+++ b/src/search.php
@@ -359,7 +359,7 @@ function asearch_get_query_display($color, $mailbox_array, $biop_array, $unop_ar
                                        if ($what_type == 'adate')
                                                $what_display = asearch_get_date_display($what);
                                        else
-                                               $what_display = htmlentities($what);
+                                               $what_display = htmlspecialchars($what);
                                        $what_display = ' <B>' . $what_display . '</B>';
                                }
                        }
Unnamed repository; edit this file 'description' to name the repository.