remove html formating from error messages. XSS fixes sanitize errors and display...

author tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Wed, 10 Aug 2005 19:27:37 +0000 (19:27 +0000)

committer tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>

Wed, 10 Aug 2005 19:27:37 +0000 (19:27 +0000)
author tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Wed, 10 Aug 2005 19:27:37 +0000 (19:27 +0000)
committer tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Wed, 10 Aug 2005 19:27:37 +0000 (19:27 +0000)
diff --git a/functions/abook_database.php b/functions/abook_database.php

index 765ab984ddfa63fdbdbb350fe665419658b88816..bfdadb9d04f415e972e6e7a5a19b281fb592c087 100644 (file)
--- a/functions/abook_database.php
+++ b/functions/abook_database.php
@@ -317,8 +317,7 @@ class abook_database extends addressbook_backend {
          /* See if user exist already */
          $ret = $this->lookup($userdata['nickname']);
          if (!empty($ret)) {
-            return $this->set_error(sprintf(_("User %s already exists"),
-                        '&quot;' . $ret['nickname'] . '&quot;'));
+            return $this->set_error(sprintf(_("User \"%s\" already exists"),$ret['nickname']));
          }
  
          /* Create query */
@@ -398,8 +397,7 @@ class abook_database extends addressbook_backend {
           /* See if user exist */
          $ret = $this->lookup($alias);
          if (empty($ret)) {
-            return $this->set_error(sprintf(_("User %s does not exist"),
-                        '&qout;' . $alias . '&qout;'));
+            return $this->set_error(sprintf(_("User \"%s\" does not exist"),$alias));
          }
  
          /* Create query */
diff --git a/functions/abook_local_file.php b/functions/abook_local_file.php

index 202d641da763db6a981c6c7af1f7bc3095ac6ac7..e0ad818992e4c101b71f7712f0228af32801cd2c 100644 (file)
--- a/functions/abook_local_file.php
+++ b/functions/abook_local_file.php
@@ -361,8 +361,8 @@ class abook_local_file extends addressbook_backend {
          /* See if user exists already */
          $ret = $this->lookup($userdata['nickname']);
          if(!empty($ret)) {
-            return $this->set_error(sprintf(_("User %s already exists"),
-                        '&quot;' . $ret['nickname'] . '&quot;'));
+            // i18n: don't use html formating in translation
+            return $this->set_error(sprintf(_("User \"%s\" already exists"),$ret['nickname']));
          }
  
          /* Here is the data to write */
@@ -454,8 +454,8 @@ class abook_local_file extends addressbook_backend {
          /* See if user exists */
          $ret = $this->lookup($alias);
          if(empty($ret)) {
-            return $this->set_error(sprintf(_("User %s does not exist"),
-                        '&quot;' . $alias . '&quot;'));
+            // i18n: don't use html formating in translation
+            return $this->set_error(sprintf(_("User \"%s\" does not exist"),$alias));
          }
  
          /* Lock the file to make sure we're the only process working
author	tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Wed, 10 Aug 2005 19:27:37 +0000 (19:27 +0000)
committer	tokul <tokul@7612ce4b-ef26-0410-bec9-ea0150e637f0>
	Wed, 10 Aug 2005 19:27:37 +0000 (19:27 +0000)
functions/abook_database.php		patch \| blob \| blame \| history
functions/abook_local_file.php		patch \| blob \| blame \| history