* This contains functions that display mailbox information, such as the
* table row that has sender, date, subject, etc...
*
- * @copyright 1999-2011 The SquirrelMail Project Team
+ * @copyright 1999-2012 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
$sMailbox = (isset($aAddr[SQM_ADDR_MAILBOX])) ? $aAddr[SQM_ADDR_MAILBOX] : '';
$sHost = (isset($aAddr[SQM_ADDR_HOST])) ? $aAddr[SQM_ADDR_HOST] : '';
if ($sPersonal) {
- $title .= htmlspecialchars($sMailbox.'@'.$sHost).', ';
+ $title .= sm_encode_html_special_chars($sMailbox.'@'.$sHost).', ';
} else {
// if $value gets truncated we need to add the addresses with no
// personal name as well
- $title_maybe .= htmlspecialchars($sMailbox.'@'.$sHost).', ';
+ $title_maybe .= sm_encode_html_special_chars($sMailbox.'@'.$sHost).', ';
}
}
if ($title) {
// don't do anything to any messages until we have done security check
// FIXME: not sure this code really belongs here, but there's nowhere else to put it with this architecture
sqgetGlobalVar('smtoken', $submitted_token, SQ_FORM, '');
- sm_validate_security_token($submitted_token, 3600, TRUE);
+ sm_validate_security_token($submitted_token, -1, TRUE);
// make sure message UIDs are sanitized (BIGINT)
foreach ($aUid as $i => $uid)