diff options
Diffstat (limited to 'program/steps')
| -rw-r--r-- | program/steps/mail/func.inc | 11 | ||||
| -rw-r--r-- | program/steps/settings/manage_folders.inc | 2 |
2 files changed, 7 insertions, 6 deletions
diff --git a/program/steps/mail/func.inc b/program/steps/mail/func.inc index 4b3114be9..9c27ad9db 100644 --- a/program/steps/mail/func.inc +++ b/program/steps/mail/func.inc @@ -214,6 +214,7 @@ function rcmail_render_folder_tree_html(&$arrFolders, &$special, &$mbox_name, $m else if ($folder['id']==$CONFIG['junk_mbox']) $class_name = 'junk'; + $js_name = rep_specialchars_output($folder['id'], 'js'); $out .= sprintf('<li id="rcmbx%s" class="mailbox %s %s%s%s"><a href="%s&_mbox=%s"'. ' onclick="return %s.command(\'list\',\'%s\')"'. ' onmouseover="return %s.focus_mailbox(\'%s\')"' . @@ -223,17 +224,17 @@ function rcmail_render_folder_tree_html(&$arrFolders, &$special, &$mbox_name, $m $class_name, $zebra_class, $unread_count ? ' unread' : '', - addslashes($folder['id'])==addslashes($mbox_name) ? ' selected' : '', + $folder['id']==$mbox_name ? ' selected' : '', $COMM_PATH, urlencode($folder['id']), $JS_OBJECT_NAME, - addslashes($folder['id']), + $js_name, $JS_OBJECT_NAME, - addslashes($folder['id']), + $js_name, $JS_OBJECT_NAME, - addslashes($folder['id']), + $js_name, $JS_OBJECT_NAME, - addslashes($folder['id']), + $js_name, $title, rep_specialchars_output($foldername, 'html', 'all')); diff --git a/program/steps/settings/manage_folders.inc b/program/steps/settings/manage_folders.inc index 2fbc780ca..af0c829ef 100644 --- a/program/steps/settings/manage_folders.inc +++ b/program/steps/settings/manage_folders.inc @@ -74,7 +74,7 @@ else if ($_action=='rename-folder') if ($rename && $REMOTE_REQUEST) { $commands = sprintf("this.replace_folder_row('%s','%s','%s');", - rep_specialchars_output($_GET['_folder_oldname'], 'js'), + rep_specialchars_output(get_input_value('_folder_oldname', RCUBE_INPUT_GET), 'js'), rep_specialchars_output($rename, 'js'), rep_specialchars_output(rcube_charset_convert($rename, 'UTF-7'), 'js')); |