From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 program/steps/addressbook/import.inc |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/program/steps/addressbook/import.inc b/program/steps/addressbook/import.inc
index 72da150..915aac8 100644
--- a/program/steps/addressbook/import.inc
+++ b/program/steps/addressbook/import.inc
@@ -88,7 +88,7 @@
 
   $content = html::p(null, rcube_label(array(
       'name' => 'importconfirm',
-      'nr' => $IMORT_STATS->inserted,
+      'nr' => $IMPORT_STATS->inserted,
       'vars' => $vars,
     )) . ($IMPORT_STATS->names ? ':' : '.'));
 
@@ -98,7 +98,7 @@
   if ($IMPORT_STATS->skipped) {
       $content .= html::p(null, rcube_label(array(
           'name' => 'importconfirmskipped',
-          'nr' => $IMORT_STATS->skipped,
+          'nr' => $IMPORT_STATS->skipped,
           'vars' => $vars,
         )) . ':');
       $content .= html::p('em', join(', ', array_map('Q', $IMPORT_STATS->skipped_names)));

--
Gitblit v1.9.1