From 456ada01fa44a5de3146f58ea5de60baffe31521 Mon Sep 17 00:00:00 2001
From: Thomas Tanghus <thomas@tanghus.net>
Date: Mon, 20 Feb 2012 14:36:21 +0100
Subject: [PATCH] Contacts: Apply strip_tags on compound values.

---
 apps/contacts/ajax/addproperty.php  | 1 +
 apps/contacts/ajax/saveproperty.php | 1 +
 2 files changed, 2 insertions(+)

diff --git a/apps/contacts/ajax/addproperty.php b/apps/contacts/ajax/addproperty.php
index 03a45532f9b..028974e1c66 100644
--- a/apps/contacts/ajax/addproperty.php
+++ b/apps/contacts/ajax/addproperty.php
@@ -66,6 +66,7 @@ foreach($current as $item) {
 
 if(is_array($value)) {
 	ksort($value);  // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form!
+	$value = array_map('strip_tags', $value);
 } else {
 	$value = strip_tags($value);
 }
diff --git a/apps/contacts/ajax/saveproperty.php b/apps/contacts/ajax/saveproperty.php
index 6c8132c1dbf..0c9e0cc7836 100644
--- a/apps/contacts/ajax/saveproperty.php
+++ b/apps/contacts/ajax/saveproperty.php
@@ -52,6 +52,7 @@ $checksum = isset($_POST['checksum'])?$_POST['checksum']:null;
 // }
 
 if(is_array($value)){ // FIXME: How to strip_tags for compound values?
+	$value = array_map('strip_tags', $value);
 	ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form!
 	$value = OC_VObject::escapeSemicolons($value);
 } else {
-- 
2.39.5