Replace the last vestiges of htmlentities with htmlspecialchars

2023-09-03 19:47:22 +02:00
parent 03ad26655c
commit 1fa4cb19a2
4 changed files with 6 additions and 6 deletions
--- a/controllers/EditUser.php
+++ b/controllers/EditUser.php
@@ -134,8 +134,8 @@ class EditUser extends HTMLController
 			$data = $form->getData();

 			// Just to be on the safe side.
-			$data['first_name'] = htmlentities(trim($data['first_name']));
-			$data['surname'] = htmlentities(trim($data['surname']));
+			$data['first_name'] = htmlspecialchars(trim($data['first_name']));
+			$data['surname'] = htmlspecialchars(trim($data['surname']));
 			$data['emailaddress'] = trim($data['emailaddress']);

 			// Make sure there's a slug.