mirror of https://github.com/owncloudarchive/contacts.git synced 2025-02-07 01:54:16 +01:00

Contacts: Double check XSS, and fix a rookie error ;-)

Thomas Tanghus 2012-05-28 12:58:51 +02:00
parent d78ec64e80
commit f5d3ba18f2
2 changed files with 2 additions and 2 deletions


@ -227,7 +227,7 @@ class OC_Contacts_VCard{
$vcard->setString('FN', $fn); $vcard->setString('FN', $fn);
OCP\Util::writeLog('contacts','OC_Contacts_VCard::updateValuesFromAdd. Added missing \'FN\' field: '.$fn,OCP\Util::DEBUG); OCP\Util::writeLog('contacts','OC_Contacts_VCard::updateValuesFromAdd. Added missing \'FN\' field: '.$fn,OCP\Util::DEBUG);
} }
if(!$n || $n = ';;;;'){ // Fix missing 'N' field. Ugly hack ahead ;-) if(!$n || $n == ';;;;'){ // Fix missing 'N' field. Ugly hack ahead ;-)
$slice = array_reverse(array_slice(explode(' ', $fn), 0, 2)); // Take 2 first name parts of 'FN' and reverse. $slice = array_reverse(array_slice(explode(' ', $fn), 0, 2)); // Take 2 first name parts of 'FN' and reverse.
if(count($slice) < 2) { // If not enought, add one more... if(count($slice) < 2) { // If not enought, add one more...
$slice[] = ""; $slice[] = "";
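Review bot: The corrected condition `if(!$n || $n == ';;;;')` still compares loosely; `$n === ';;;;'` would state the intent exactly and avoid PHP type juggling, although `$n` is presumably already a string (its assignment is outside the hunk). Because the old `$n = ';;;;'` always evaluated as true, this branch used to run for every card that reached it, so a regression test that a card with a populated `N` keeps its value would pin the fix. A lint rule that rejects assignment inside a condition would catch this class of mistake before review. The body of the `if` continues past the end of the hunk.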


@ -8,5 +8,5 @@
} }
} }
?> ?>
<li role="button" book-id="<?php echo $contact['addressbookid']; ?>" data-id="<?php echo $contact['id']; ?>"><a href="index.php?id=<?php echo $contact['id']; ?>"><?php echo $display; ?></a></li> <li role="button" book-id="<?php echo $contact['addressbookid']; ?>" data-id="<?php echo $contact['id']; ?>"><a href="index.php?id=<?php echo $contact['id']; ?>"><?php echo htmlspecialchars($display); ?></a></li>
<?php endforeach; ?> <?php endforeach; ?>
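Review bot: Only `$display` is escaped on the new line; `$contact['addressbookid']` and `$contact['id']` are still echoed raw into the `book-id`, `data-id` and `href` attribute values. They are presumably numeric database ids, but nothing in the template guarantees that, so they should be escaped for the attribute context too, e.g. `<?php echo htmlspecialchars($contact['id'], ENT_QUOTES, 'UTF-8'); ?>`. The new call should also pass the flags and charset explicitly, `htmlspecialchars($display, ENT_QUOTES, 'UTF-8')`, because the default charset was ISO-8859-1 before PHP 5.4 and the default flags leave single quotes unescaped. The enclosing `foreach` and the code that builds `$display` start outside the hunk.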