Aaron Stone <[EMAIL PROTECTED]> said: > The escaping of queries in 2.0 looks like it has been working correctly. > Has anybody seen any problems with apostrophes, particularly in username > and email addresses? If not, I'll mark the bug as resolved...
Alright, I added `'" to the lists of validchars for lmtp.c, pop3.c and timsieve.c (for consistency). IMAP has four sets of AcceptedChars, a few with `'" and a few without. In particular, because of SQL escaping of mailbox names, it will be safe to put `'" in mailbox names now. That was the one set of AcceptedChars that appeared to be lacking the quotes. Ilja, Paul, could you shed some light on this, and make any changes as needed? >From here on out, proper SQL escaping is critical. Aaron --
