From 1b9923208c64f4d3494e185ac3d249df5fbb8552 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Fri, 21 Sep 2012 10:11:05 +0200 Subject: Re-fix HTML entities handling in addressbook names --- program/include/rcmail.php | 2 +- program/steps/addressbook/edit.inc | 7 ++++--- program/steps/addressbook/func.inc | 6 +++--- program/steps/addressbook/import.inc | 2 +- 4 files changed, 9 insertions(+), 8 deletions(-) diff --git a/program/include/rcmail.php b/program/include/rcmail.php index 5a9a1fa86..ee144faca 100644 --- a/program/include/rcmail.php +++ b/program/include/rcmail.php @@ -281,7 +281,7 @@ class rcmail extends rcube } $list[$id] = array( 'id' => $id, - 'name' => $prop['name'], + 'name' => html::quote($prop['name']), 'groups' => is_array($prop['groups']), 'readonly' => !$prop['writable'], 'hidden' => $prop['hidden'], diff --git a/program/steps/addressbook/edit.inc b/program/steps/addressbook/edit.inc index 90069a7eb..b216a7c70 100644 --- a/program/steps/addressbook/edit.inc +++ b/program/steps/addressbook/edit.inc @@ -244,11 +244,12 @@ function rcmail_source_selector($attrib) if (count($sources_list) < 2) { $source = $sources_list[$SOURCE_ID]; $hiddenfield = new html_hiddenfield(array('name' => '_source', 'value' => $SOURCE_ID)); - return html::span($attrib, Q($source['name']) . $hiddenfield->show()); + return html::span($attrib, $source['name'] . $hiddenfield->show()); } - $attrib['name'] = '_source'; - $attrib['onchange'] = JS_OBJECT_NAME . ".command('save', 'reload', this.form)"; + $attrib['name'] = '_source'; + $attrib['is_escaped'] = true; + $attrib['onchange'] = JS_OBJECT_NAME . ".command('save', 'reload', this.form)"; $select = new html_select($attrib); diff --git a/program/steps/addressbook/func.inc b/program/steps/addressbook/func.inc index 44d216c25..4ef4d1b51 100644 --- a/program/steps/addressbook/func.inc +++ b/program/steps/addressbook/func.inc @@ -178,7 +178,7 @@ function rcmail_set_sourcename($abook) if (!$name && $source == 0) { $name = rcube_label('personaladrbook'); } - $OUTPUT->set_env('sourcename', $name); + $OUTPUT->set_env('sourcename', html_entity_decode($name, ENT_COMPAT, 'UTF-8')); } } @@ -219,13 +219,13 @@ function rcmail_directory_list($attrib) if ($source['class_name']) $class_name .= ' ' . $source['class_name']; - $name = !empty($source['name']) ? html_entity_decode($source['name'], ENT_COMPAT, 'UTF-8') : $id; + $name = !empty($source['name']) ? $source['name'] : $id; $out .= sprintf($line_templ, html_identifier($id), $class_name, Q(rcmail_url(null, array('_source' => $id))), $source['id'], - $js_id, Q($name)); + $js_id, $name); $groupdata = array('out' => $out, 'jsdata' => $jsdata, 'source' => $id); if ($source['groups']) diff --git a/program/steps/addressbook/import.inc b/program/steps/addressbook/import.inc index 15e04b82a..fb2251f18 100644 --- a/program/steps/addressbook/import.inc +++ b/program/steps/addressbook/import.inc @@ -43,7 +43,7 @@ function rcmail_import_form($attrib) // addressbook selector if (count($writable_books) > 1) { - $select = new html_select(array('name' => '_target', 'id' => 'rcmimporttarget')); + $select = new html_select(array('name' => '_target', 'id' => 'rcmimporttarget', 'is_escaped' => true)); foreach ($writable_books as $book) $select->add($book['name'], $book['id']); -- cgit v1.2.3