Description
I sent a new HTML message to phpList using the messageAdd API command (via cUrl) but I've found out that quotes and double quotes have been escaped.
So I tried a simple cUrl request using as content this string:
This is a "double" and 'single' quotes test
After a succesfull API call, I've checked the db and I've see something like that (table phplist_message, column message):
This is a "double" and 'single' quotes test
That's my sending code:
$response = json_decode($this->callAPI($this->method, $this->url, array(
'password' => $this->pass,
'login' => $this->user,
'cmd' => 'messageAdd',
'subject' => $subject,
'fromfield' => $from,
'replyto' => '',
'message' => $content,
'textmessage' => '',
'footer' => 'If you want to unsubscribe, please use [UNSUBSCRIBE]',
'status' => 'draft',
'sendformat' => 'HTML',
'template' => '4',
'embargo' => '',
'rsstemplate' => null,
'owner' => '2',
'htmlformatted' => '1'
)));
Both machines (the sending one with PHP 5.5.9 and the receiving one with PHP 5.3.29) have magic quotes disabled (I've double checked multiple times); the incoming request to the receiving machine is correct, without any escaping.
Everything is pretty fine if I open the message preview; the problems start when I try to edit that message: the WYSIWYG editor seems to not be able to understand an escaped double quote, thus destroying all the message's HTML.