diff options
| author | thomascube <thomas@roundcube.net> | 2008-11-03 08:01:18 +0000 |
|---|---|---|
| committer | thomascube <thomas@roundcube.net> | 2008-11-03 08:01:18 +0000 |
| commit | c21d6d713e0320b7b61bff1fa0e05bbd250455bb (patch) | |
| tree | 309840400c4e31fa90c5daf73779f49b7265c1d1 /program/include | |
| parent | f35a226447e578b9859e1f933f7c09c5d20a3ca9 (diff) | |
Don't use addslashes() which could produce unexpected results when magic_quotes_sybase is on
Diffstat (limited to 'program/include')
| -rw-r--r-- | program/include/main.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/program/include/main.inc b/program/include/main.inc index 4ed25afaf..43a354919 100644 --- a/program/include/main.inc +++ b/program/include/main.inc @@ -347,6 +347,8 @@ function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE) } $xml_rep_table['"'] = '"'; + $js_rep_table['"'] = '\\"'; + $js_rep_table["'"] = "\\'"; } // encode for XML @@ -359,7 +361,7 @@ function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE) if ($charset!='UTF-8') $str = rcube_charset_convert($str, RCMAIL_CHARSET,$charset); - return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), addslashes(strtr($str, $js_rep_table))); + return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), strtr($str, $js_rep_table)); } // no encoding given -> return original string |