X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=functions%2Fmailbox_display.php;h=a35cbcccbf39a96e97e2cacbc9a8982ebf72cc14;hp=60a8fed7aca692244a5de8c8ed9a0a49b13397ab;hb=86ef259bfacd94fbac1867b776b981b4dd83c4dc;hpb=8517e764c0e071f9e81f3b9e101bdb1633030b16 diff --git a/functions/mailbox_display.php b/functions/mailbox_display.php index 60a8fed7..a35cbccc 100644 --- a/functions/mailbox_display.php +++ b/functions/mailbox_display.php @@ -513,17 +513,19 @@ function prepareMessageList(&$aMailbox, $aProps) { $bHighLight = highlightMessage($aCol[$k], $value, $highlight_list,$aFormattedMessages[$iUid]); } $sTmp = getAddressString(parseRFC822Address($value),array('best' => true)); + $sTmp = decodeHeader($sTmp); if (isset($aColumnDesc[$k]['truncate']) && $aColumnDesc[$k]['truncate']) { $sTrunc = truncateWithEntities($sTmp, $aColumnDesc[$k]['truncate']); $title = ($sTrunc != $sTmp) ? htmlspecialchars($sTmp) : ''; $sTmp = $sTrunc; } } - $value = ($sTmp) ? htmlspecialchars($sTmp) : $sUnknown; + $value = ($sTmp) ? $sTmp : $sUnknown; break; case SQM_COL_SUBJ: // subject is mime encoded, decode it. // value is sanitized in decoding function. + // TODO, verify if it should be done before or after the highlighting $value=decodeHeader($value); if ($highlight_list && !$bHighLight) { $bHighLight = highlightMessage('SUBJECT', $value, $highlight_list, $aFormattedMessages[$iUid]); @@ -549,7 +551,7 @@ function prepareMessageList(&$aMailbox, $aProps) { break; case SQM_COL_DATE: case SQM_COL_INT_DATE: - $value = getDateString(getTimeStamp(explode(' ',trim($value)))); + $value = htmlspecialchars(getDateString(getTimeStamp(explode(' ',trim($value))))); break; case SQM_COL_FLAGS: $aFlagColumn = array('seen' => false,