[dev] [cvs] commit: dimp/lib/Views ShowMessage.php
Jan Schneider
jan at horde.org
Mon Nov 19 23:45:27 UTC 2007
Zitat von Michael M Slusarz <slusarz at horde.org>:
> Quoting Jan Schneider <jan at horde.org>:
>
>> Zitat von Michael M Slusarz <slusarz at horde.org>:
>>
>>> slusarz 2007-11-19 16:36:11 EST
>>>
>>> Modified files:
>>> lib/Views ShowMessage.php
>>> Log:
>>> All of these headers already have been HTML'ified. Escaping them again
>>> here just breaks the output.
>>
>> Not for me. I had an ampersand in one of the headers, iirc the from:
>> header, and it was *not* escaped.
>
> That doesn't make any sense. Those 5 headers are all passed through
> _buildAddressLinks() right before this code which creates <A> tags in
> those header values. So when you call htmlspecialchars() on this
> code, all I see is the HTML code for our address links wherever an
> e-mail header is supposed to be.
Ah, that got me on the right track. It was my fault, sorry.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
More information about the dev
mailing list