Updated to not convert quotes

I missed using ENT_NOQUOTES since XML only needs & and <> to be replaced in tags, spotted by @mkuron
master
emericklaw 2019-05-03 17:54:33 +01:00 committed by GitHub
parent 472a99ff00
commit 12d46cf072
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions

View File

@ -22,7 +22,7 @@ try {
$stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
$stmt->execute(array(':username' => $email));
$MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
$displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name']);
$displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name'], ENT_NOQUOTES);
}
catch(PDOException $e) {
$displayname = $email;