File: C:\...\sources\admin\ManageSearch.controller.php
Url: /index.php?action=admin;area=managesearch;sa=settings
'url' => trim(Util::htmlspecialchars($_POST['engine_url'][$id], ENT_COMPAT))
htmlspecialchars replaced
& symbol in my url.
Maybe better to check the url function
filter_var('http://example.com', FILTER_VALIDATE_URL) ?
~ See fix example ~ (https://github.com/interlab/Elkarte/commit/baffb6cd4a6e0989cab49bb8e8cfa89be0548f48), but it is not safe :-\
Good point...
Or in alternative un_htmlspecialchars the url before using it?
hmm... I don't remember posting the previous one... writing yes, but not posting... unless I was doing something else. meh.