diff options
Diffstat (limited to 'program/steps/settings')
-rw-r--r-- | program/steps/settings/manage_folders.inc | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/program/steps/settings/manage_folders.inc b/program/steps/settings/manage_folders.inc index b960561f7..04b2a461e 100644 --- a/program/steps/settings/manage_folders.inc +++ b/program/steps/settings/manage_folders.inc @@ -19,6 +19,8 @@ */ +require_once('lib/utf7.inc'); + // init IAMP connection rcmail_imap_init(TRUE); @@ -47,7 +49,7 @@ else if ($_action=='unsubscribe') else if ($_action=='create-folder') { if (strlen($_GET['_name'])) - $create = $IMAP->create_mailbox(trim($_GET['_name']), TRUE); + $create = $IMAP->create_mailbox(strip_tags(trim($_GET['_name'])), TRUE); if ($create && $_GET['_remote']) { @@ -122,7 +124,7 @@ function rcube_subscription_form($attrib) $out .= sprintf('<tr id="rcmrow%d" class="%s"><td>%s</td><td>%s</td><td><a href="#delete" onclick="%s.command(\'delete-folder\',\'%s\')" title="%s">%s</a></td>', $i+1, $zebra_class, - rep_specialchars_output($folder, 'html'), + rep_specialchars_output(UTF7DecodeString($folder), 'html', 'all'), $checkbox_subscribe->show(in_array($folder, $a_subscribed)?$folder:'', array('value' => $folder)), $JS_OBJECT_NAME, $folder_js, |