tags 598584 + patch thanks fix patch (removed 1st hunk) attached.
http://git.horde.org/diff.php/imp/fetchmailprefs.php?rt=horde&r1=1.39.4.10&r2=1.39.4.11&ty=u -- Regards, dai GPG Fingerprint = 0B29 D88E 42E6 B765 B8D8 EA50 7839 619D D439 668E
===================================================================
RCS file: /horde/cvs/imp/fetchmailprefs.php,v
retrieving revision 1.39.4.10
retrieving revision 1.39.4.11
diff -p --unified=3 -r1.39.4.10 -r1.39.4.11
--- fetchmailprefs.php 2009/01/06 15:24:01 1.39.4.10
+++ fetchmailprefs.php 2010/09/27 08:54:46 1.39.4.11
@@ -164,12 +164,12 @@ if (empty($actionID)) {
$t->set('to_edit', ($to_edit !== null));
if ($t->get('to_edit')) {
$t->set('edit_account', intval($to_edit));
- $t->set('fmid', $fm_account->getValue('id', $to_edit));
- $t->set('fmusername', $fm_account->getValue('username', $to_edit));
- $t->set('fmpassword', $fm_account->getValue('password', $to_edit));
- $t->set('fmserver', $fm_account->getValue('server', $to_edit));
+ $t->set('fmid', htmlspecialchars($fm_account->getValue('id', $to_edit)));
+ $t->set('fmusername', htmlspecialchars($fm_account->getValue('username', $to_edit)));
+ $t->set('fmpassword', htmlspecialchars($fm_account->getValue('password', $to_edit)));
+ $t->set('fmserver', htmlspecialchars($fm_account->getValue('server', $to_edit)));
if ($t->get('allowfolders')) {
- $t->set('fmrmailbox', $fm_account->getValue('rmailbox', $to_edit));
+ $t->set('fmrmailbox', htmlspecialchars($fm_account->getValue('rmailbox', $to_edit)));
}
$t->set('fmonlynew', $fm_account->getValue('onlynew', $to_edit));
$t->set('fmmarkseen', $fm_account->getValue('markseen', $to_edit));
signature.asc
Description: Digital signature
