sanitizing folder name display.

author tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Sat, 9 Oct 2004 12:46:40 +0000 (12:46 +0000)

committer tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Sat, 9 Oct 2004 12:46:40 +0000 (12:46 +0000)
author tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sat, 9 Oct 2004 12:46:40 +0000 (12:46 +0000)
committer tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Sat, 9 Oct 2004 12:46:40 +0000 (12:46 +0000)
diff --git a/functions/imap_mailbox.php b/functions/imap_mailbox.php

index 3d7f87f62aa7247445355aa4b88c4e60844bb72d..5eb359e44e5d137ffe841deb3481a61889c9a864 100755 (executable)
--- a/functions/imap_mailbox.php
+++ b/functions/imap_mailbox.php
@@ -532,10 +532,10 @@ function sqimap_mailbox_option_list($imap_stream, $show_selected = 0, $folder_sk
                  switch ($shorten_box_names)
                  {
                    case 2:   /* delimited, style = 2 */
-                    $box2 = str_replace('&nbsp;&nbsp;', '.&nbsp;', $boxes_part['formatted']);
+                    $box2 = str_replace('&amp;nbsp;&amp;nbsp;', '.&nbsp;', htmlspecialchars($boxes_part['formatted']));
                      break;
                    case 1:   /* indent, style = 1 */
-                    $box2 = $boxes_part['formatted'];
+                    $box2 = str_replace('&amp;nbsp;&amp;nbsp;', '&nbsp;&nbsp;', htmlspecialchars($boxes_part['formatted']));
                      break;
                    default:  /* default, long names, style = 0 */
                      $box2 = str_replace(' ', '&nbsp;', htmlspecialchars(imap_utf7_decode_local($boxes_part['unformatted-disp'])));
author	tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Sat, 9 Oct 2004 12:46:40 +0000 (12:46 +0000)
committer	tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Sat, 9 Oct 2004 12:46:40 +0000 (12:46 +0000)