From c0a474dd3365cda401c13f807679735af65d9fa4 Mon Sep 17 00:00:00 2001
From: Thomas Tanghus <thomas@tanghus.net>
Date: Tue, 5 Mar 2013 02:30:03 +0100
Subject: [PATCH] Contacts: Properly escape commas and semi-colons.

Conflicts:
	contacts/appinfo/app.php
---
 ajax/contact/saveproperty.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/ajax/contact/saveproperty.php b/ajax/contact/saveproperty.php
index bc99229f..87a4eadc 100644
--- a/ajax/contact/saveproperty.php
+++ b/ajax/contact/saveproperty.php
@@ -74,6 +74,7 @@ $checksum = isset($_POST['checksum'])?$_POST['checksum']:null;
 debug('value: ' . print_r($value, 1));
 
 $multi_properties = array('EMAIL', 'TEL', 'IMPP', 'ADR', 'URL');
+$string_properties = array('FN', 'NICKNAME', 'NOTE', 'EMAIL', 'TEL', 'IMPP', 'ADR', 'URL');
 
 if(!$name) {
 	bailOut(App::$l10n->t('element name is not set.'));
@@ -200,6 +201,9 @@ if(!$value) {
 		unset($vcard->{$name});
 	}
 } else {
+	if(in_array($name, $string_properties)) {
+		$value = strtr($value, array(',' => '\,', ';' => '\;'));
+	}
 	/* setting value */
 	switch($element) {
 		case 'BDAY':