From 0c41444928f5aa392bc2e7c6b360a0e4489a0428 Mon Sep 17 00:00:00 2001 From: novasam23 <291755769+novasam23@users.noreply.github.com> Date: Thu, 2 Jul 2026 08:33:01 +0200 Subject: [PATCH 1/2] Change flag for HTML entity decoding to ENT_QUOTES to correspond with the flag used for encoding --- src/inc/apiv2/common/AbstractBaseAPI.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/inc/apiv2/common/AbstractBaseAPI.php b/src/inc/apiv2/common/AbstractBaseAPI.php index 7b31ebd65..e645129ac 100644 --- a/src/inc/apiv2/common/AbstractBaseAPI.php +++ b/src/inc/apiv2/common/AbstractBaseAPI.php @@ -609,7 +609,7 @@ protected static function db2json(array $feature, mixed $val): mixed { $obj = array_map('intval', preg_split("/,/", $val, -1, PREG_SPLIT_NO_EMPTY)); } elseif (str_starts_with($feature['type'], 'str') && $val !== null) { - $obj = html_entity_decode($val, ENT_COMPAT, "UTF-8"); + $obj = html_entity_decode($val, ENT_QUOTES, "UTF-8"); } else { // TODO: Check all objects, instead of wild cast to hopefully-JSON compatible object From 97260d33f0597dee68b90096582cf124fefb4a97 Mon Sep 17 00:00:00 2001 From: novasam23 <291755769+novasam23@users.noreply.github.com> Date: Thu, 2 Jul 2026 13:37:31 +0200 Subject: [PATCH 2/2] Remove encoding of HTML entities for strings entirely --- src/inc/apiv2/common/AbstractBaseAPI.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/inc/apiv2/common/AbstractBaseAPI.php b/src/inc/apiv2/common/AbstractBaseAPI.php index e645129ac..cd1eb2e37 100644 --- a/src/inc/apiv2/common/AbstractBaseAPI.php +++ b/src/inc/apiv2/common/AbstractBaseAPI.php @@ -609,7 +609,7 @@ protected static function db2json(array $feature, mixed $val): mixed { $obj = array_map('intval', preg_split("/,/", $val, -1, PREG_SPLIT_NO_EMPTY)); } elseif (str_starts_with($feature['type'], 'str') && $val !== null) { - $obj = html_entity_decode($val, ENT_QUOTES, "UTF-8"); + $obj = $val; } else { // TODO: Check all objects, instead of wild cast to hopefully-JSON compatible object @@ -632,7 +632,7 @@ protected static function json2db(array $feature, mixed $obj): ?string { $val = $obj; } elseif (str_starts_with($feature['type'], 'str')) { - $val = htmlentities($obj, ENT_QUOTES, "UTF-8"); + $val = $obj; } elseif ($feature['type'] == 'array' && ($feature['subtype'] == 'int' || $feature['subtype'] == 'string')) { $val = implode(",", $obj);