X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Faddressbook.php;h=68d852447563e71807af773edc16b78564e66bec;hp=d460f6379acb59f01e7b0314601b8f9fcf79ec2c;hb=3523532820419e678843408d5a31db951636fa55;hpb=df4162cbfaa145df9848b7868d6930a587fcb84a
diff --git a/src/addressbook.php b/src/addressbook.php
index d460f637..68d85244 100644
--- a/src/addressbook.php
+++ b/src/addressbook.php
@@ -13,19 +13,15 @@
*/
/**
- * Path for SquirrelMail required files.
- * @ignore
+ * Include the SquirrelMail initialization file.
*/
-define('SM_PATH','../');
+include('../include/init.php');
/** SquirrelMail required files. */
-include_once(SM_PATH . 'include/validate.php');
-/* plain_error_message() */
-include_once(SM_PATH . 'functions/display_messages.php');
/* address book functions */
-include_once(SM_PATH . 'functions/addressbook.php');
+require_once(SM_PATH . 'functions/addressbook.php');
/* form functions */
-include_once(SM_PATH . 'functions/forms.php');
+require_once(SM_PATH . 'functions/forms.php');
/** lets get the global vars we may need */
@@ -219,7 +215,7 @@ if (!empty($formerror)) {
html_tag( 'tr',
html_tag( 'td',
"\n". '
' . _("ERROR") . ': ' . $formerror . '' ."\n",
+ '">' . _("ERROR") . ': ' . nl2br(htmlspecialchars($formerror)) . '' ."\n",
'center' )
),
'center', '', 'width="100%"' );
@@ -231,7 +227,7 @@ if ($showaddrlist) {
/* Get and sort address list */
$alist = $abook->list_addr();
if(!is_array($alist)) {
- plain_error_message($abook->error, $color);
+ plain_error_message(nl2br(htmlspecialchars($abook->error)), $color);
exit;
}
@@ -329,20 +325,9 @@ if ($showaddrlist) {
' ' . htmlspecialchars($row['nickname']) . ' ',
'left', '', 'valign="top" width="1%" style="white-space: nowrap;"' );
- // different full name display formating for Japanese translation
- if ($squirrelmail_language == 'ja_JP') {
- /*
- * translation uses euc-jp character set internally.
- * htmlspecialchars() should not break any characters.
- */
- echo html_tag( 'td',
- ' ' . htmlspecialchars($row['lastname']) . ' ' . htmlspecialchars($row['firstname']) . ' ',
- 'left', '', 'valign="top" width="1%" style="white-space: nowrap;"' );
- } else {
- echo html_tag( 'td',
- ' ' . htmlspecialchars($row['name']) . ' ',
- 'left', '', 'valign="top" width="1%" style="white-space: nowrap;"' );
- }
+ echo html_tag( 'td',
+ ' ' . htmlspecialchars($row['name']) . ' ',
+ 'left', '', 'valign="top" width="1%" style="white-space: nowrap;"' );
// email address column
echo html_tag( 'td', '', 'left', '', 'valign="top" width="1%" style="white-space: nowrap;"' ) . ' ';