From e70e827767892feeb37e25b456dc5c50203455c6 Mon Sep 17 00:00:00 2001
From: Thomas Lange <code@nerdmind.de>
Date: Sat, 3 Feb 2024 18:28:46 +0100
Subject: Hotfix: Replace `"` with `'` in link title string

Because there currently is no sane way to escape double quotes within a
string intended to be used as title for a Markdown formatted link, just
replace the double with single quotes until a better solution is found.

Note: Just replacing with `&quot;` will not work here because Parsedown
escapes this further to `&amp;quot;`.
---
 core/functions.php | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/core/functions.php b/core/functions.php
index bf04ccc..7384c88 100644
--- a/core/functions.php
+++ b/core/functions.php
@@ -312,11 +312,20 @@ function getEntityMarkdownLink($ns, $id, $text = NULL, $info = NULL): string {
 		return sprintf('`{%s: *Reference error*}`', strtoupper($ns));
 	}
 
-	$title = htmlspecialchars($Entity->get('name') ?? $Entity->get('fullname'));
+	$title = $Entity->get('name') ?? $Entity->get('fullname');
 	$href = Application::getEntityURL($Entity);
 	$text = $text ?: "»{$title}«";
-	$info = $info ?: sprintf('%s »%s«',
-		Application::getLanguage()->text(strtolower($ns)), $title);
+
+	if($info === NULL) {
+		$info = sprintf('%s »%s«',
+			Application::getLanguage()->text(strtolower($ns)),
+			$title);
+	}
+
+	# Hotfix: Replace double quotes with single quotes because currently we
+	# have no sane way to escape double quotes in a string intended to be
+	# used as the title for a Markdown formatted link.
+	$info = str_replace('"', "'", $info);
 
 	return sprintf('[%s](%s "%s")',	$text, $href, $info);
 }
-- 
cgit v1.2.3