From 810efee4d36da6edbc721c82c3a97966005101de Mon Sep 17 00:00:00 2001
From: Thomas Bruederli <thomas@roundcube.net>
Date: Mon, 19 Nov 2012 05:43:22 -0500
Subject: [PATCH] Avoid double-encoding of HTML entities in signature edit field

---
 program/steps/settings/edit_identity.inc |    5 +++--
 1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/program/steps/settings/edit_identity.inc b/program/steps/settings/edit_identity.inc
index aa1aeea..f821690 100644
--- a/program/steps/settings/edit_identity.inc
+++ b/program/steps/settings/edit_identity.inc
@@ -87,9 +87,10 @@
   if ($IDENTITY_RECORD['html_signature']) {
     $form['signature']['content']['signature']['class']      = 'mce_editor';
     $form['signature']['content']['signature']['is_escaped'] = true;
-  }
 
-  $IDENTITY_RECORD['signature'] = htmlentities($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCMAIL_CHARSET);
+    // Correctly handle HTML entities in HTML editor (#1488483)
+    $IDENTITY_RECORD['signature'] = htmlspecialchars($IDENTITY_RECORD['signature'], ENT_NOQUOTES, RCMAIL_CHARSET);
+  }
 
   // disable some field according to access level
   if (IDENTITIES_LEVEL == 1 || IDENTITIES_LEVEL == 3) {

--
Gitblit v1.9.1