diff options
| author |  Alexis Degrugillier <aledeg@users.noreply.github.com>
| 2021-03-19 08:51:42 -0400 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2021-03-19 13:51:42 +0100 |
| commit | 789a1664960da1b6287e3bb815d64e0d0fa8ef95 (patch) | |
| tree | e8ae45b6f9c6b81bf986305fac5acae936cc79e7 /app/Controllers/configureController.php | |
| parent | b3340c32e38e7a4e39a9ac66e3d925386c202390 (diff) | |
Fix search param encoding in user query (#3541)
Before, the chosen encoding was not the best for the task since some part
of the value was truncated when used with quotes.
Now, the encoding allows to work smoothly with quotes.
See #3538
Diffstat (limited to 'app/Controllers/configureController.php')
| -rwxr-xr-x | app/Controllers/configureController.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php index b2c1b5109..31619bf80 100755 --- a/app/Controllers/configureController.php +++ b/app/Controllers/configureController.php @@ -347,7 +347,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController { if (Minz_Request::isPost()) { $params = array_filter(Minz_Request::param('query', [])); if (!empty($params['search'])) { - $params['search'] = urldecode($params['search']); + $params['search'] = htmlspecialchars_decode($params['search'], ENT_QUOTES); } if (!empty($params['state'])) { $params['state'] = array_sum($params['state']); |