summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenny Baumann <BenBE@geshi.org>2015-08-09 22:52:44 +0200
committerBenny Baumann <BenBE@geshi.org>2015-08-09 22:52:44 +0200
commit4e5c9dd72b45ec7d59a13b28ac1c4ccd600cd95b (patch)
treec0727b82566b439ff9c32b8386e0eecfe4959463
parent8a5059809e66396eb97dbe1588cd28b8d38eb8a2 (diff)
parent269829b175dac7bf3f2128fbd5c55ba08f48d2d0 (diff)
downloadcacert-mgr-4e5c9dd72b45ec7d59a13b28ac1c4ccd600cd95b.tar.gz
cacert-mgr-4e5c9dd72b45ec7d59a13b28ac1c4ccd600cd95b.tar.xz
cacert-mgr-4e5c9dd72b45ec7d59a13b28ac1c4ccd600cd95b.zip
Merge branch 'bug-932'
-rw-r--r--manager/application/views/helpers/UserInfo.php2
-rw-r--r--manager/application/views/scripts/mail/full.phtml16
-rw-r--r--manager/application/views/scripts/mail/index.phtml16
3 files changed, 17 insertions, 17 deletions
diff --git a/manager/application/views/helpers/UserInfo.php b/manager/application/views/helpers/UserInfo.php
index bf98f1b..b0f8703 100644
--- a/manager/application/views/helpers/UserInfo.php
+++ b/manager/application/views/helpers/UserInfo.php
@@ -82,7 +82,7 @@ class Zend_View_Helper_UserInfo extends Zend_View_Helper_Placeholder_Container_S
$output .= $indent . "<div id=\"userinfo\">\n";
$output .= $indent . "\tUser: " . $this->items['authed_username'] . "<br>\n";
- $output .= $indent . "\tName: " . $this->items['authed_fname'] . ' ' . $this->items['authed_lname'] . "<br>\n";
+ $output .= $indent . "\tName: " . htmlentities(strip_tags($this->items['authed_fname'] . ' ' . $this->items['authed_lname']), ENT_QUOTES, 'ISO-8859-1') . "<br>\n";
$output .= $indent . "\tRole: " . $this->items['authed_role'] . "<br>\n";
if ($this->items['authed_by_crt'] === true)
$output .= $indent . "\tLoginmethod: CRT<br>\n";
diff --git a/manager/application/views/scripts/mail/full.phtml b/manager/application/views/scripts/mail/full.phtml
index 1bfed87..01d8ff2 100644
--- a/manager/application/views/scripts/mail/full.phtml
+++ b/manager/application/views/scripts/mail/full.phtml
@@ -23,14 +23,14 @@ else {
</tr>
<?php
foreach ($this->headers as $header) {
- print " <tr>\n";
- print " <td><a href=\"" . $header->detailslink . "\">" . $header->fromaddress . "</a></td>";
- print " <td>" . $header->toaddress . "</td>";
- print " <td>" . $header->subject . "</td>";
- print " <td>" . $header->date . "</td>";
- print " <td>" . $header->Size . "</td>";
- print " <td><a class=\"delete\" href=\"" . $header->deletelink . "\"><img src=\"/img/delete_icon.jpg\"></a></td>";
- print " </tr>\n";
+ print " <tr>\n";
+ print " <td><a href=\"" . $header->detailslink . "\">" . $header->fromaddress . "</a></td>";
+ print " <td>" . $header->toaddress . "</td>";
+ print " <td>" . htmlspecialchars(quoted_printable_decode($header->subject), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
+ print " <td>" . $header->date . "</td>";
+ print " <td>" . $header->Size . "</td>";
+ print " <td><a class=\"delete\" href=\"" . $header->deletelink . "\"><img src=\"/img/delete_icon.jpg\"></a></td>";
+ print " </tr>\n";
}
}
?>
diff --git a/manager/application/views/scripts/mail/index.phtml b/manager/application/views/scripts/mail/index.phtml
index 427d0e9..3eecfdc 100644
--- a/manager/application/views/scripts/mail/index.phtml
+++ b/manager/application/views/scripts/mail/index.phtml
@@ -23,14 +23,14 @@ else {
</tr>
<?php
foreach ($this->headers as $header) {
- print " <tr>\n";
- print " <td><a href=\"" . $header->detailslink . "\">" . $header->fromaddress . "</a></td>";
- print " <td>" . $header->toaddress . "</td>";
- print " <td>" . $header->subject . "</td>";
- print " <td>" . $header->date . "</td>";
- print " <td>" . $header->Size . "</td>";
- print " <td><a class=\"delete\" href=\"" . $header->deletelink . "\"><img src=\"/img/delete_icon.jpg\"></a></td>";
- print " </tr>\n";
+ print " <tr>\n";
+ print " <td><a href=\"" . $header->detailslink . "\">" . $header->fromaddress . "</a></td>";
+ print " <td>" . $header->toaddress . "</td>";
+ print " <td>" . htmlspecialchars(quoted_printable_decode($header->subject), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</td>";
+ print " <td>" . $header->date . "</td>";
+ print " <td>" . $header->Size . "</td>";
+ print " <td><a class=\"delete\" href=\"" . $header->deletelink . "\"><img src=\"/img/delete_icon.jpg\"></a></td>";
+ print " </tr>\n";
}
}
?>