From 789a1664960da1b6287e3bb815d64e0d0fa8ef95 Mon Sep 17 00:00:00 2001
From: Alexis Degrugillier <aledeg@users.noreply.github.com>
Date: Fri, 19 Mar 2021 08:51:42 -0400
Subject: Fix search param encoding in user query (#3541)

Before, the chosen encoding was not the best for the task since some part
of the value was truncated when used with quotes.
Now, the encoding allows to work smoothly with quotes.

See #3538
---
 app/Controllers/configureController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/Controllers/configureController.php')

diff --git a/app/Controllers/configureController.php b/app/Controllers/configureController.php
index b2c1b5109..31619bf80 100755
--- a/app/Controllers/configureController.php
+++ b/app/Controllers/configureController.php
@@ -347,7 +347,7 @@ class FreshRSS_configure_Controller extends Minz_ActionController {
 		if (Minz_Request::isPost()) {
 			$params = array_filter(Minz_Request::param('query', []));
 			if (!empty($params['search'])) {
-				$params['search'] = urldecode($params['search']);
+				$params['search'] = htmlspecialchars_decode($params['search'], ENT_QUOTES);
 			}
 			if (!empty($params['state'])) {
 				$params['state'] = array_sum($params['state']);
-- 
cgit v1.2.3