Don't use addslashes() which could produce unexpected results when magic_quotes_sybase is on

git-svn-id: https://svn.roundcube.net/trunk@2032 208e9e7b-5314-0410-a742-e7e81cd9613c
author: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> 2008-11-03 08:01:18 +0000
committer: thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> 2008-11-03 08:01:18 +0000
commit: 2573c75ec3ad87c887a47f7a3e35b6ab915373da (patch)
tree: 73939979e26947f1b75223d1f82be66e51f8c8ae /roundcubemail/program/steps
parent: 4bc77ddecba202ee4d0d2836f80a2f1e38070bf2 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/roundcubemail/program/steps/mail/get.inc b/roundcubemail/program/steps/mail/get.inc
index fc3ee83ea..2d51ffc46 100644
--- a/roundcubemail/program/steps/mail/get.inc
+++ b/roundcubemail/program/steps/mail/get.inc
@@ -90,7 +90,7 @@ else if ($pid = get_input_value('_part', RCUBE_INPUT_GET)) {
       
       $filename = $part->filename ? $part->filename : ($MESSAGE->subject ? $MESSAGE->subject : 'roundcube') . '.'.$ctype_secondary;
       $filename = abbreviate_string($part->filename, 55);
-      $filename = $browser->ie ? rawurlencode($filename) : addslashes($filename);
+      $filename = $browser->ie ? rawurlencode($filename) : addcslashes($filename, '"');
       $disposition = !empty($_GET['_download']) ? 'attachment' : 'inline';
       
       header("Content-Disposition: $disposition; filename=\"$filename\"");
author	thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>	2008-11-03 08:01:18 +0000
committer	thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c>	2008-11-03 08:01:18 +0000
commit	2573c75ec3ad87c887a47f7a3e35b6ab915373da (patch)
tree	73939979e26947f1b75223d1f82be66e51f8c8ae /roundcubemail/program/steps
parent	4bc77ddecba202ee4d0d2836f80a2f1e38070bf2 (diff)