/**
* search.php
*
- * Copyright (c) 1999-2002 The SquirrelMail Project Team
+ * Copyright (c) 1999-2003 The SquirrelMail Project Team
* Licensed under the GNU GPL. For full terms see the file COPYING.
*
* $Id$
if (isset($attributes['search_what'][$i]) &&
!empty($attributes['search_what'][$i])) {
echo html_tag( 'td', $attributes['search_folder'][$i], 'left', '', 'width="35%"' )
- . html_tag( 'td', $attributes['search_what'][$i], 'left' )
+ . html_tag( 'td', htmlentities($attributes['search_what'][$i]), 'left' )
. html_tag( 'td', $attributes['search_where'][$i], 'center' )
. html_tag( 'td', '', 'right' )
. "<a href=search.php?count=$i&submit=save>"
$boxcount = count($boxes);
echo '<BR><CENTER><B>' .
_("Search Results") .
- "</B><CENTER><BR>\n";
+ "</B></CENTER><BR>\n";
for ($x=0;$x<$boxcount;$x++) {
if (!in_array('noselect', $boxes[$x]['flags'])) {
$mailbox = $boxes[$x]['unformatted'];