From 912943b44a17b0b03bec2016759eb4c6440bbef4 Mon Sep 17 00:00:00 2001
From: github-actions <github-actions@github.com>
Date: Mon, 5 Aug 2024 14:49:43 +0200
Subject: [PATCH 1/3] htmlspecialchars

---
 application/models/Eqslmethods_model.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/models/Eqslmethods_model.php b/application/models/Eqslmethods_model.php
index 5e9030d63..6a0f334d9 100644
--- a/application/models/Eqslmethods_model.php
+++ b/application/models/Eqslmethods_model.php
@@ -100,7 +100,7 @@ class Eqslmethods_model extends CI_Model {
         $adif .= "%3A";
         $adif .= strlen($data['user_eqsl_password']);
         $adif .= "%3E";
-        $adif .= urlencode($data['user_eqsl_password']);
+        $adif .= urlencode(htmlspecialchars($data['user_eqsl_password']));
         $adif .= "%20";
 
         $adif .= "%3C";

From 6cdcfa86d1553ba86b7b3908584101f5692becc6 Mon Sep 17 00:00:00 2001
From: github-actions <github-actions@github.com>
Date: Tue, 6 Aug 2024 13:20:09 +0200
Subject: [PATCH 2/3] revert encoding here

---
 application/models/Eqslmethods_model.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/models/Eqslmethods_model.php b/application/models/Eqslmethods_model.php
index 6a0f334d9..5e9030d63 100644
--- a/application/models/Eqslmethods_model.php
+++ b/application/models/Eqslmethods_model.php
@@ -100,7 +100,7 @@ class Eqslmethods_model extends CI_Model {
         $adif .= "%3A";
         $adif .= strlen($data['user_eqsl_password']);
         $adif .= "%3E";
-        $adif .= urlencode(htmlspecialchars($data['user_eqsl_password']));
+        $adif .= urlencode($data['user_eqsl_password']);
         $adif .= "%20";
 
         $adif .= "%3C";

From 7c82d51916ae0f20d6d65990cd608b4b704c823c Mon Sep 17 00:00:00 2001
From: github-actions <github-actions@github.com>
Date: Tue, 6 Aug 2024 13:45:31 +0200
Subject: [PATCH 3/3] decode password

---
 application/models/Eqslmethods_model.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/models/Eqslmethods_model.php b/application/models/Eqslmethods_model.php
index 5e9030d63..a1e89d39d 100644
--- a/application/models/Eqslmethods_model.php
+++ b/application/models/Eqslmethods_model.php
@@ -41,7 +41,7 @@ class Eqslmethods_model extends CI_Model {
 
     function uploadUser($userid, $username, $password) {
         $data['user_eqsl_name'] = $this->security->xss_clean($username);
-        $data['user_eqsl_password'] = $this->security->xss_clean($password);
+        $data['user_eqsl_password'] = html_entity_decode($this->security->xss_clean($password));
         $clean_userid = $this->security->xss_clean($userid);
 
         $qslsnotsent = $this->eqsl_not_yet_sent($clean_userid);