diff --git a/www/pages/ticket.php b/www/pages/ticket.php index fb5c7b32..bd653b2c 100644 --- a/www/pages/ticket.php +++ b/www/pages/ticket.php @@ -726,7 +726,7 @@ class Ticket { $citation_info =$recv_messages[0]['zeit']." ".$recv_messages[0]['verfasser']." <".$recv_messages[0]['mail'].">"; $text = $drafted_messages[0]['text'].$nl.$nl.$citation_info.":".$nl."
".$recv_messages[0]['text']."
"; - $sql = "UPDATE ticket_nachricht SET text='".$text."' WHERE id=".$drafted_messages[0]['id']; + $sql = "UPDATE ticket_nachricht SET text='".$this->app->DB->real_escape_string($text)."' WHERE id=".$drafted_messages[0]['id']; $this->app->DB->Update($sql); header("Location: index.php?module=ticket&action=edit&id=$id"); $this->app->ExitXentral();