* Display the form elements to add/edit an entry in the address book
*
* The following variables are available in this template:
+ * $current_backend - integer containing backend currently displayed.
* $edit - boolean TRUE if we are editing an existing address.
* FALSE if the form is blank for adding a new address.
* $writable_backends - array of address book backends that can be written
* could be an array!
* $el['Info'] - Additional info about this contact
*
- * @copyright © 1999-2006 The SquirrelMail Project Team
+ * @copyright 1999-2018 The SquirrelMail Project Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
* @version $Id$
* @package squirrelmail
if (is_array($values['Email'])) {
echo '<select name="'.$formname.'[email]" id="email">'."\n";
foreach ($values['Email'] as $email) {
- echo '<option value="'.htmlspecialchars($email).'">'.htmlspecialchars($email).'</option>'."\n";
+//FIXME: sm_encode_html_special_chars should not be needed inside any template files - I think values are already sanitized by the time they get here
+ echo '<option value="'.sm_encode_html_special_chars($email).'">'.sm_encode_html_special_chars($email).'</option>'."\n";
}
echo '</select>'."\n";
} else {
<select name="backend" id="backend">
<?php
foreach ($writable_backends as $id=>$name) {
- echo '<option value="'.$id.'">'.htmlspecialchars($name).'</option>'."\n";
+//FIXME: sm_encode_html_special_chars should not be needed inside any template files - I think values are already sanitized by the time they get here
+ echo '<option value="' . $id
+ . ($current_backend == $id ? '" selected="selected"' : '"')
+ . '>' . sm_encode_html_special_chars($name) . '</option>' . "\n";
}
?>
</select>
projects / squirrelmail.git / blobdiff