From 3baac58b332e0a14c48888650fc998f4dd6bce96 Mon Sep 17 00:00:00 2001 From: charlottesce <75381352+charlottesce@users.noreply.github.com> Date: Wed, 16 Aug 2023 10:18:57 -0400 Subject: [PATCH] [issue_tracker] Resolves special characters in titles (#8842) Do not escape data being inserted in the issue tracker, it gets escaped on rendering. --- modules/issue_tracker/php/edit.class.inc | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/issue_tracker/php/edit.class.inc b/modules/issue_tracker/php/edit.class.inc index 448dac4997b..0e3a0680d52 100644 --- a/modules/issue_tracker/php/edit.class.inc +++ b/modules/issue_tracker/php/edit.class.inc @@ -447,11 +447,11 @@ class Edit extends \NDB_Page implements ETagCalculator $historyValues = $this->getChangedValues($issueValues, $issueID, $user); if (!empty($issueID)) { - $db->update('issues', $issueValues, ['issueID' => $issueID]); + $db->unsafeUpdate('issues', $issueValues, ['issueID' => $issueID]); } else { $issueValues['reporter'] = $user->getUsername(); $issueValues['dateCreated'] = date('Y-m-d H:i:s'); - $db->insert('issues', $issueValues); + $db->unsafeInsert('issues', $issueValues); $issueID = intval($db->getLastInsertId()); } @@ -815,7 +815,7 @@ class Edit extends \NDB_Page implements ETagCalculator 'issueID' => $issueID, 'addedBy' => $user->getUsername(), ]; - $db->insert('issues_history', $changedValues); + $db->unsafeInsert('issues_history', $changedValues); } } } @@ -838,7 +838,7 @@ class Edit extends \NDB_Page implements ETagCalculator 'addedBy' => $user->getUsername(), 'issueID' => $issueID, ]; - $db->insert('issues_comments', $commentValues); + $db->unsafeInsert('issues_comments', $commentValues); } }