summaryrefslogtreecommitdiff
path: root/program/steps/settings/edit_identity.inc
diff options
context:
space:
mode:
Diffstat (limited to 'program/steps/settings/edit_identity.inc')
-rw-r--r--program/steps/settings/edit_identity.inc10
1 files changed, 6 insertions, 4 deletions
diff --git a/program/steps/settings/edit_identity.inc b/program/steps/settings/edit_identity.inc
index 7e7be1f83..d70a7aef7 100644
--- a/program/steps/settings/edit_identity.inc
+++ b/program/steps/settings/edit_identity.inc
@@ -42,8 +42,9 @@ else {
rcmail_overwrite_action('identities');
return;
}
- else if (IDENTITIES_LEVEL == 1)
- $IDENTITY_RECORD['email'] = $RCMAIL->user->get_username();
+ else if (IDENTITIES_LEVEL == 1) {
+ $IDENTITY_RECORD['email'] = $RCMAIL->get_user_email();
+ }
}
@@ -87,9 +88,10 @@ function rcube_identity_form($attrib)
if ($IDENTITY_RECORD['html_signature']) {
$form['signature']['content']['signature']['class'] = 'mce_editor';
$form['signature']['content']['signature']['is_escaped'] = true;
- }
- $IDENTITY_RECORD['signature'] = htmlentities($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCMAIL_CHARSET);
+ // Correctly handle HTML entities in HTML editor (#1488483)
+ $IDENTITY_RECORD['signature'] = htmlspecialchars($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCMAIL_CHARSET);
+ }
// disable some field according to access level
if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) {
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-28 10:24:20 +0000