From: Alan <alan@roojs.com>
Date: Wed, 28 Jun 2023 09:06:49 +0000 (+0800)
Subject: use escape
X-Git-Url: http://git.roojs.org/?p=Pman.MTrack;a=commitdiff_plain;h=ed55936a8a718b1ae1778add7fc9201ebc8e6ee1

use escape
---

diff --git a/DataObjects/Mtrack_change.php b/DataObjects/Mtrack_change.php
index 3d9dbb4..3e63d62 100644
--- a/DataObjects/Mtrack_change.php
+++ b/DataObjects/Mtrack_change.php
@@ -766,13 +766,13 @@ class Pman_MTrack_DataObjects_Mtrack_change extends DB_DataObject
         $res = $tg->factory('SendMessage',array(
             'chat_id' => 35721679,
             'parse_mode' => 'MarkdownV2',
-            'text' => "/ticket@{$this->onid}  *". htmlspecialchars($t->summary) . "*\n\n".
-                    "{$this->cgtype} by {$this->person()->name} \n\n" . htmlspecialchars(implode("\n", $str))
+            'text' => "/ticket@{$this->onid}  *". $tg->escape($t->summary) . "*\n\n".
+                    "{$this->cgtype} by ". $tg->escape($this->person()->name) . "\n\n" . $tg->escape(implode("\n", $str))
                 
           
         ))->send();
          
-         print_R($res);exit;
+         
     }