From f693e2d1838b838540d2f6e8c387375bc336d422 Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <machniak@kolabsys.com>
Date: Thu, 20 Sep 2012 15:56:54 +0200
Subject: [PATCH] Fixes for html_ent branch in ROundcube core: Proper HTML
 entities handling

---
 plugins/calendar/calendar.php                    | 4 ++--
 plugins/calendar/lib/calendar_ui.php             | 4 ++--
 plugins/kolab_activesync/kolab_activesync_ui.php | 8 ++++----
 plugins/libkolab/lib/kolab_storage.php           | 3 ++-
 4 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/plugins/calendar/calendar.php b/plugins/calendar/calendar.php
index d49b02e1..1fc1e5f5 100644
--- a/plugins/calendar/calendar.php
+++ b/plugins/calendar/calendar.php
@@ -404,7 +404,7 @@ class calendar extends rcube_plugin
       $select_cal = new html_select(array('name' => '_default_calendar', 'id' => $field_id));
       foreach ((array)$this->driver->list_calendars() as $id => $prop) {
         if (!$prop['readonly'])
-          $select_cal->add($prop['name'], strval($id));
+          $select_cal->add(html_entity_decode($prop['name'], ENT_COMPAT, 'UTF-8'), strval($id));
         if ($prop['default'])
           $default_calendar = $id;
       }
@@ -712,7 +712,7 @@ class calendar extends rcube_plugin
           $numcals = 0;
           foreach ($calendars as $calendar) {
             if (!$calendar['readonly']) {
-              $calendar_select->add($calendar['name'], $calendar['id']);
+              $calendar_select->add(html_entity_decode($calendar['name'], ENT_COMPAT, 'UTF-8'), $calendar['id']);
               $numcals++;
             }
           }
diff --git a/plugins/calendar/lib/calendar_ui.php b/plugins/calendar/lib/calendar_ui.php
index cfa66846..2269a5ba 100644
--- a/plugins/calendar/lib/calendar_ui.php
+++ b/plugins/calendar/lib/calendar_ui.php
@@ -206,7 +206,7 @@ class calendar_ui
       $li .= html::tag('li', array('id' => 'rcmlical' . $html_id, 'class' => $class),
         html::tag('input', array('type' => 'checkbox', 'name' => '_cal[]', 'value' => $id, 'checked' => $prop['active']), '') .
         html::span('handle', '&nbsp;') .
-        html::span('calname', Q($prop['name'])));
+        html::span('calname', Q(html_entity_decode($prop['name'], ENT_COMPAT, 'UTF-8'))));
     }
 
     $this->rc->output->set_env('calendars', $jsenv);
@@ -252,7 +252,7 @@ class calendar_ui
     $select = new html_select($attrib);
     foreach ((array)$this->cal->driver->list_calendars() as $id => $prop) {
       if (!$prop['readonly'])
-        $select->add($prop['name'], $id);
+        $select->add(html_entity_decode($prop['name'], ENT_COMPAT, 'UTF-8'), $id);
     }
 
     return $select->show(null);
diff --git a/plugins/kolab_activesync/kolab_activesync_ui.php b/plugins/kolab_activesync/kolab_activesync_ui.php
index 9e4fe5ce..e28d523b 100644
--- a/plugins/kolab_activesync/kolab_activesync_ui.php
+++ b/plugins/kolab_activesync/kolab_activesync_ui.php
@@ -162,7 +162,7 @@ class kolab_activesync_ui
                     $length = strlen($names[$i].' &raquo; ');
                     $prefix = substr($foldername, 0, $length);
                     $count  = count(explode(' &raquo; ', $prefix));
-                    $foldername = str_repeat('&nbsp;&nbsp;', $count-1) . '&raquo; ' . substr($foldername, $length);
+                    $foldername = str_repeat('&nbsp;&nbsp;', $count-1) . '&raquo; ' . html::quote(substr($foldername, $length));
                     break;
                 }
             }
@@ -171,14 +171,14 @@ class kolab_activesync_ui
             $classes = array('mailbox');
 
             if ($folder_class = rcmail_folder_classname($folder)) {
-                $foldername = rcube_label($folder_class);
+                $foldername = html::quote(rcube_label($folder_class));
                 $classes[] = $folder_class;
             }
 
             $folder_id = 'rcmf' . html_identifier($folder);
             $padding = str_repeat('&nbsp;&nbsp;&nbsp;&nbsp;', $level);
 
-            $table->add_row(array('class' => (($level+1) * $idx++) % 2 == 0 ? 'even' : 'odd'));
+            $table->add_row();
             $table->add('subscription', $checkbox_sync->show(
                 !empty($subscribed[$folder]) ? $folder : null,
                 array('value' => $folder, 'id' => $folder_id)));
@@ -189,7 +189,7 @@ class kolab_activesync_ui
                     array('value' => $folder, 'id' => $folder_id.'_alarm')));
             }
 
-            $table->add(join(' ', $classes), html::label($folder_id, $padding . Q($foldername)));
+            $table->add(join(' ', $classes), html::label($folder_id, $padding . $foldername));
         }
 
         return $table->show();
diff --git a/plugins/libkolab/lib/kolab_storage.php b/plugins/libkolab/lib/kolab_storage.php
index 7ed89a01..ef485369 100644
--- a/plugins/libkolab/lib/kolab_storage.php
+++ b/plugins/libkolab/lib/kolab_storage.php
@@ -481,6 +481,7 @@ class kolab_storage
         $names   = array();
 
         // Build SELECT field of parent folder
+        $attrs['is_escaped'] = true;
         $select = new html_select($attrs);
         $select->add('---', '');
 
@@ -494,7 +495,7 @@ class kolab_storage
                     $length = strlen($names[$i].' &raquo; ');
                     $prefix = substr($name, 0, $length);
                     $count  = count(explode(' &raquo; ', $prefix));
-                    $name   = str_repeat('&nbsp;&nbsp;', $count-1) . '&raquo; ' . substr($name, $length);
+                    $name   = str_repeat('&nbsp;&nbsp;', $count-1) . '&raquo; ' . html::quote(substr($name, $length));
                     break;
                 }
             }