fix view message xss

2026-04-03 14:10:57 +08:00 · 2023-11-22 14:50:14 +08:00
parent b2a2470cee
commit 8fc88d3ada
1 changed files with 1 additions and 1 deletions
--- a/public/messages.php
+++ b/public/messages.php
@@ -229,7 +229,7 @@ $reply = " [ <a href=\"sendmessage.php?receiver=" . $message['sender'] . "&reply
 }
 }
 $body = format_comment($message['msg']);
-$body = htmlspecialchars_decode($body);
+//$body = htmlspecialchars_decode($body);
 $added = $message['added'];
 if ($message['sender'] == $CURUSER['id'])
 {