From 164584f0e97ba654bfe742bf6641dc53ae0f6827 Mon Sep 17 00:00:00 2001 From: kink Date: Mon, 26 Apr 2004 23:24:21 +0000 Subject: [PATCH] HTML escaping. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@7268 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- src/read_body.php | 4 ++-- src/vcard.php | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/read_body.php b/src/read_body.php index 9cce574a..3e431c64 100644 --- a/src/read_body.php +++ b/src/read_body.php @@ -125,9 +125,9 @@ function findPreviousMessage($numMessages, $passed_id) { function printer_friendly_link($mailbox, $passed_id, $passed_ent_id) { global $javascript_on, $color; - $params = '?passed_ent_id=' . $passed_ent_id . + $params = '?passed_ent_id=' . urlencode($passed_ent_id) . '&mailbox=' . urlencode($mailbox) . - '&passed_id=' . $passed_id; + '&passed_id=' . urlencode($passed_id); $print_text = _("View Printable Version"); diff --git a/src/vcard.php b/src/vcard.php index 9db7437d..1fac0172 100644 --- a/src/vcard.php +++ b/src/vcard.php @@ -48,8 +48,8 @@ echo '
' . _("Viewing a Business Card") . " - "; $msg_url = 'read_body.php?mailbox='.urlencode($mailbox). - '&startMessage='.$startMessage. - '&passed_id='.$passed_id; + '&startMessage='.urlencode($startMessage). + '&passed_id='.urlencode($passed_id); $msg_url = set_url_var($msg_url, 'ent_id', 0); @@ -200,7 +200,7 @@ echo '' . '' . '
' . '' . _("Download this as a file") . '' . '
' . -- 2.25.1