summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAleksander Machniak <machniak@kolabsys.com>2012-10-29 19:41:50 (GMT)
committerAleksander Machniak <machniak@kolabsys.com>2012-10-29 19:41:50 (GMT)
commit9d9262d71f4b405dc8a9193b09f9c0b53fca0578 (patch)
tree2f92807c24f0fec9cb69ad6e2f2a1e2170384873
parent04793bfaf39a7b25d99d2600b069c0f3aab21571 (diff)
downloadroundcubemail-plugins-kolab-9d9262d71f4b405dc8a9193b09f9c0b53fca0578.tar.gz
Fixed HTML entities handling in task list names
-rw-r--r--plugins/tasklist/drivers/database/tasklist_database_driver.php1
-rw-r--r--plugins/tasklist/tasklist_ui.php6
2 files changed, 5 insertions, 2 deletions
diff --git a/plugins/tasklist/drivers/database/tasklist_database_driver.php b/plugins/tasklist/drivers/database/tasklist_database_driver.php
index 8e56923..56f4cf7 100644
--- a/plugins/tasklist/drivers/database/tasklist_database_driver.php
+++ b/plugins/tasklist/drivers/database/tasklist_database_driver.php
@@ -76,6 +76,7 @@ class tasklist_database_driver extends tasklist_driver
while ($result && ($arr = $this->rc->db->fetch_assoc($result))) {
$arr['showalarms'] = intval($arr['showalarms']);
$arr['active'] = !in_array($arr['id'], $hidden);
+ $arr['name'] = html::quote($arr['name']);
$arr['editable'] = true;
$this->lists[$arr['id']] = $arr;
$list_ids[] = $this->rc->db->quote($arr['id']);
diff --git a/plugins/tasklist/tasklist_ui.php b/plugins/tasklist/tasklist_ui.php
index 0a9f3f1..2b7cfe0 100644
--- a/plugins/tasklist/tasklist_ui.php
+++ b/plugins/tasklist/tasklist_ui.php
@@ -113,7 +113,7 @@ class tasklist_ui
$li .= html::tag('li', array('id' => 'rcmlitasklist' . $html_id, 'class' => $class),
html::tag('input', array('type' => 'checkbox', 'name' => '_list[]', 'value' => $id, 'checked' => $prop['active'])) .
html::span('handle', '&nbsp;') .
- html::span('listname', Q($prop['name'])));
+ html::span('listname', $prop['name']));
}
$this->rc->output->set_env('tasklists', $jsenv);
@@ -128,8 +128,10 @@ class tasklist_ui
*/
function tasklist_select($attrib = array())
{
- $attrib['name'] = 'list';
+ $attrib['name'] = 'list';
+ $attrib['is_escaped'] = true;
$select = new html_select($attrib);
+
foreach ((array)$this->plugin->driver->get_lists() as $id => $prop) {
if ($prop['editable'])
$select->add($prop['name'], $id);