From 12d46cf072875a7703681765db3c092f951edd3e Mon Sep 17 00:00:00 2001
From: emericklaw <matt@emericklaw.co.uk>
Date: Fri, 3 May 2019 17:54:33 +0100
Subject: [PATCH] Updated to not convert quotes

I missed using ENT_NOQUOTES since XML only needs & and <> to be replaced in tags, spotted by @mkuron
---
 data/web/mobileconfig.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/data/web/mobileconfig.php b/data/web/mobileconfig.php
index abdf2cb8..38b249c6 100644
--- a/data/web/mobileconfig.php
+++ b/data/web/mobileconfig.php
@@ -22,7 +22,7 @@ try {
   $stmt = $pdo->prepare("SELECT `name` FROM `mailbox` WHERE `username`= :username");
   $stmt->execute(array(':username' => $email));
   $MailboxData = $stmt->fetch(PDO::FETCH_ASSOC);
-  $displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name']);
+  $displayname = htmlspecialchars(empty($MailboxData['name']) ? $email : $MailboxData['name'], ENT_NOQUOTES);
 }
 catch(PDOException $e) {
   $displayname = $email;