osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now
htmlspecialchars on ticket replies
SQL statements are often posted as internal notes when solving support cases that require such statements to fix..
I have noticed any < > characters, when viewing the saved note, are being picked up as HTML tags and therefore not showing in the SQL statement properly.
I can go in the database and replace the < with a < and the > with a > for it to display properly.. I'm sure htmlspecialchars() on this data would do the trick when saving the notes. Is this not being done by default, or have I modified/removed something that was doing this?