* We now escape properly in strings
authorfidian <fidian@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Fri, 9 Feb 2001 14:39:38 +0000 (14:39 +0000)
committerfidian <fidian@7612ce4b-ef26-0410-bec9-ea0150e637f0>
Fri, 9 Feb 2001 14:39:38 +0000 (14:39 +0000)
git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@1085 7612ce4b-ef26-0410-bec9-ea0150e637f0

src/search.php

index 79da86a..0aad14b 100644 (file)
@@ -72,8 +72,8 @@
    if (!isset($what))
        $what = '';
    $what_disp = ereg_replace(',', ' ', $what);
-   $what_disp = str_replace('\\', '\', $what_disp);
-   $what_disp = str_replace('\"', '"', $what_disp);
+   $what_disp = str_replace('\\\\', '\\', $what_disp);
+   $what_disp = str_replace('\\"', '"', $what_disp);
    $what_disp = str_replace('"', '&quot;', $what_disp);
    echo "          <INPUT TYPE=\"TEXT\" SIZE=\"20\" NAME=\"what\" VALUE=\"$what_disp\">\n";
    echo '        </TD>';