fix(web): json_encode for input enter in /user/msg

This commit fixes #79. Ref: https://huntr.dev/bounties/a2b63a25-385f-4f4e-b790-d910b90718f7/
2024-09-16 19:35:18 +00:00 · 2021-09-09 21:25:44 +08:00 · 2021-09-09 21:25:44 +08:00 · ebf541ab91
commit ebf541ab91
parent 9edd28541e
1 changed files with 1 additions and 1 deletions
--- a/web/app/controllers/user_msg.php
+++ b/web/app/controllers/user_msg.php
@ -151,7 +151,7 @@ $(document).ready(function() {
 	$.ajaxSetup({async:false});
 	refreshConversations();
 	<?php if (isset($_GET['enter'])): ?>
-	enterConversation("<?= $_GET['enter'] ?>");
+	enterConversation(<?= json_encode($_GET['enter']) ?>);
 	<?php endif ?>
 });
 </script>