From bd680889bedbcc2fb3185caa79a66c2b67eca64a Mon Sep 17 00:00:00 2001
From: Jared Hancock <jared@osticket.com>
Date: Fri, 13 Sep 2013 15:13:38 +0000
Subject: [PATCH] Avoid double-encoding thread titles

This is safe now, because the title is appropriately encoded in
class.thread.php/ThreadEntry::create()

Fixes #567, #718
---
 include/staff/ticket-view.inc.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/staff/ticket-view.inc.php b/include/staff/ticket-view.inc.php
index d67243af7..3d119fb8c 100644
--- a/include/staff/ticket-view.inc.php
+++ b/include/staff/ticket-view.inc.php
@@ -294,7 +294,7 @@ if(!$cfg->showNotesInline()) { ?>
                 <th width="640">
                     <?php
                     echo sprintf('%s <em>posted by <b>%s</b></em>',
-                            Format::htmlchars($note['title']),
+                            $note['title'],
                             Format::htmlchars($note['poster']));
                     ?>
                 </th>
@@ -338,7 +338,7 @@ if(!$cfg->showNotesInline()) { ?>
         <table class="<?php echo $threadTypes[$entry['thread_type']]; ?>" cellspacing="0" cellpadding="1" width="940" border="0">
             <tr>
                 <th width="200"><?php echo Format::db_datetime($entry['created']);?></th>
-                <th width="440"><span><?php echo Format::htmlchars($entry['title']); ?></span></th>
+                <th width="440"><span><?php echo $entry['title']; ?></span></th>
                 <th width="300" class="tmeta"><?php echo Format::htmlchars($entry['poster']); ?></th>
             </tr>
             <tr><td colspan=3><?php echo Format::display($entry['body']); ?></td></tr>
-- 
GitLab