summaryrefslogtreecommitdiff
path: root/program
diff options
context:
space:
mode:
authorThomas Bruederli <thomas@roundcube.net>2013-02-10 14:37:37 +0100
committerThomas Bruederli <thomas@roundcube.net>2013-02-10 14:39:20 +0100
commita33717b230715a4350bfbbd95940f04721e3fbba (patch)
tree1d62d69af773873e74e0e34450e00cd80aed2dfb /program
parente55fc1458ec34165f5f0ee0f3787b56ed58a6db6 (diff)
Properly quote form validation error messages
Diffstat (limited to 'program')
-rw-r--r--program/steps/addressbook/save.inc2
1 files changed, 1 insertions, 1 deletions
diff --git a/program/steps/addressbook/save.inc b/program/steps/addressbook/save.inc
index 901ea0190..8cab6e817 100644
--- a/program/steps/addressbook/save.inc
+++ b/program/steps/addressbook/save.inc
@@ -82,7 +82,7 @@ if (empty($a_record['name'])) {
// do input checks (delegated to $CONTACTS instance)
if (!$CONTACTS->validate($a_record)) {
$err = (array)$CONTACTS->get_error();
- $OUTPUT->show_message($err['message'] ? $err['message'] : 'formincomplete', 'warning');
+ $OUTPUT->show_message($err['message'] ? Q($err['message']) : 'formincomplete', 'warning');
$GLOBALS['EDIT_RECORD'] = $a_record; // store submitted data to be used in edit form
rcmail_overwrite_action($return_action);
return;