From 66773789e392305bba4cdf7ed8e6ae3b8380de51 Mon Sep 17 00:00:00 2001
From: svncommit <devs@roundcube.net>
Date: Thu, 27 Oct 2005 09:45:33 -0400
Subject: [PATCH]
---
program/steps/settings/edit_identity.inc | 17 ++++++++---------
1 files changed, 8 insertions(+), 9 deletions(-)
diff --git a/program/steps/settings/edit_identity.inc b/program/steps/settings/edit_identity.inc
index f4134d3..dc2f149 100644
--- a/program/steps/settings/edit_identity.inc
+++ b/program/steps/settings/edit_identity.inc
@@ -6,7 +6,7 @@
| |
| This file is part of the RoundCube Webmail client |
| Copyright (C) 2005, RoundCube Dev. - Switzerland |
- | All rights reserved. |
+ | Licensed under the GNU GPL |
| |
| PURPOSE: |
| Show edit form for a identity record or to add a new one |
@@ -22,13 +22,12 @@
if (($_GET['_iid'] || $_POST['_iid']) && $_action=='edit-identity')
{
$id = $_POST['_iid'] ? $_POST['_iid'] : $_GET['_iid'];
- $DB->query(sprintf("SELECT * FROM %s
- WHERE identity_id=%d
- AND user_id=%d
- AND del!='1'",
- get_table_name('identities'),
- $id,
- $_SESSION['user_id']));
+ $DB->query("SELECT * FROM ".get_table_name('identities')."
+ WHERE identity_id=?
+ AND user_id=?
+ AND del<>'1'",
+ $id,
+ $_SESSION['user_id']);
$IDENTITY_RECORD = $DB->fetch_assoc();
@@ -88,7 +87,7 @@
$out .= sprintf("<tr><td class=\"title\"><label for=\"%s\">%s</label></td><td>%s</td></tr>\n",
$attrib['id'],
- rcube_label($label),
+ rep_specialchars_output(rcube_label($label)),
$value);
}
--
Gitblit v1.9.1