From 550bf0d14b5ab70beb088611cd2fc1d239c104e3 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 May 2012 09:06:02 +0200
Subject: - Fix HTML entities handling in HTML editor (#1488483)

---
 program/steps/mail/compose.inc           | 1 +
 program/steps/settings/edit_identity.inc | 2 ++
 2 files changed, 3 insertions(+)

(limited to 'program')

diff --git a/program/steps/mail/compose.inc b/program/steps/mail/compose.inc
index ebf79be4e..8152f5dca 100644
--- a/program/steps/mail/compose.inc
+++ b/program/steps/mail/compose.inc
@@ -770,6 +770,7 @@ function rcmail_compose_body($attrib)
 
   // If desired, set this textarea to be editable by TinyMCE
   if ($isHtml) {
+    $MESSAGE_BODY = htmlentities($MESSAGE_BODY, ENT_NOQUOTES, RCMAIL_CHARSET);
     $attrib['class'] = 'mce_editor';
     $textarea = new html_textarea($attrib);
     $out .= $textarea->show($MESSAGE_BODY);
diff --git a/program/steps/settings/edit_identity.inc b/program/steps/settings/edit_identity.inc
index f594525e1..c3ac4688f 100644
--- a/program/steps/settings/edit_identity.inc
+++ b/program/steps/settings/edit_identity.inc
@@ -91,6 +91,8 @@ function rcube_identity_form($attrib)
     $form['signature']['content']['signature']['class'] = 'mce_editor';
   }
 
+  $IDENTITY_RECORD['signature'] = htmlentities($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCMAIL_CHARSET);
+
   // disable some field according to access level
   if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) {
     $form['addressing']['content']['email']['disabled'] = true;
-- 
cgit v1.2.3