projects / GitHub / WoltLab / WCF.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8940af9)
Username escaping is no longer required
authorAlexander Ebert <ebert@woltlab.com>
Thu, 22 Dec 2016 17:40:54 +0000 (18:40 +0100)
committerAlexander Ebert <ebert@woltlab.com>
Thu, 22 Dec 2016 17:40:54 +0000 (18:40 +0100)
wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php patch | blob | blame | history

diff --git a/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php b/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php
index d381f1592acc801f40c108cdca860b3ee1fffb4c..037426e9901006cf1624740bd6c44bf00a1e5a70 100644 (file)
--- a/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php
+++ b/wcfsetup/install/files/lib/system/message/quote/MessageQuoteManager.class.php
@@ -423,15 +423,14 @@ class MessageQuoteManager extends SingletonFactory {
         * @return      string
         */
        public function renderQuote(IMessage $message, $text, $renderAsString = true) {
-               $escapedUsername = str_replace(["\\", "'"], ["\\\\", "\'"], $message->getUsername());
                $escapedLink = str_replace(["\\", "'"], ["\\\\", "\'"], $message->getLink());
                
                if ($renderAsString) {
-                       return "[quote='".$escapedUsername."','".$escapedLink."']".$text."[/quote]";
+                       return "[quote='".$message->getUsername()."','".$escapedLink."']".$text."[/quote]";
                }
                else {
                        return [
-                               'username' => $escapedUsername,
+                               'username' => $message->getUsername(),
                                'link' => $escapedLink,
                                'text' => $text
                        ];
WoltLab Suite Core (previously WoltLab Community Framework)