Sanitize first name in welcome message

[jacklul]

It seems like htmlentities is breaking for some people's names, maybe filter_var($new_user->getFirstName(), FILTER_SANITIZE_SPECIAL_CHARS) would be better? Anyone with experience in this?

[Hitmare]

What do you mean with breaking people's names ?

Besides, I think its a good idea to filter out special characters.

[jacklul]

Per telegram documentation only those characters are supported as HTML codes: " < > &

Currently htmlentities converts all HTML characters to their html &xx; code which makes some people's names broken.

[noplanman]

@jacklul Do you mean breaking like this?

I was wondering if we even need to do any encoding.

e.g. This name of special characters: ©®åß∂ƒ@ªº∆¬
without encoding: ©®åß∂ƒ@ªº∆¬
htmlentities(): ©®åß∂ƒ@ªº∆¬

It seems Telegram itself handles HTML code inside the name.

[jacklul]

Exactly this, I don't think we need to encode other symbols than " < > & since only those are potential string breakers, right?

[noplanman]

Closing this off for now...
If some other issue pops up, we can reopen.