diff options
| author | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2008-11-03 08:01:18 +0000 |
|---|---|---|
| committer | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2008-11-03 08:01:18 +0000 |
| commit | 2573c75ec3ad87c887a47f7a3e35b6ab915373da (patch) | |
| tree | 73939979e26947f1b75223d1f82be66e51f8c8ae /roundcubemail/program/include | |
| parent | 4bc77ddecba202ee4d0d2836f80a2f1e38070bf2 (diff) | |
Don't use addslashes() which could produce unexpected results when magic_quotes_sybase is on
git-svn-id: https://svn.roundcube.net/trunk@2032 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program/include')
| -rw-r--r-- | roundcubemail/program/include/main.inc | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/roundcubemail/program/include/main.inc b/roundcubemail/program/include/main.inc index 4ed25afaf..43a354919 100644 --- a/roundcubemail/program/include/main.inc +++ b/roundcubemail/program/include/main.inc @@ -347,6 +347,8 @@ function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE) } $xml_rep_table['"'] = '"'; + $js_rep_table['"'] = '\\"'; + $js_rep_table["'"] = "\\'"; } // encode for XML @@ -359,7 +361,7 @@ function rep_specialchars_output($str, $enctype='', $mode='', $newlines=TRUE) if ($charset!='UTF-8') $str = rcube_charset_convert($str, RCMAIL_CHARSET,$charset); - return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), addslashes(strtr($str, $js_rep_table))); + return preg_replace(array("/\r?\n/", "/\r/", '/<\\//'), array('\n', '\n', '<\\/'), strtr($str, $js_rep_table)); } // no encoding given -> return original string |