From d6660bff043125308fd6cf26516797f833bf35b3 Mon Sep 17 00:00:00 2001
From: johnnyq <johnny@pittpc.com>
Date: Thu, 21 Dec 2023 02:02:40 -0500
Subject: [PATCH] Fix sending mail on item sharing

---
 ajax.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ajax.php b/ajax.php
index 9f7e5b18..dfc6df69 100644
--- a/ajax.php
+++ b/ajax.php
@@ -310,7 +310,7 @@ if (isset($_GET['share_generate_link'])) {
         if ($item_expires_friendly == "never") {
             $subject = "$session_company_name secure link enclosed";
         }
-        $body = "Hello,<br><br>$session_name from $session_company_name sent you a time sensitive secure link regarding '$item_name'.<br><br>The link will expire in <strong>$item_expires_friendly</strong> and may only be viewed <strong>$item_view_limit</strong> times, before the link is destroyed. <br><br><strong><a href='$url'>Click here to access your secure content</a></strong><br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email";
+        $body = mysqli_real_escape_string($mysqli, "Hello,<br><br>$session_name from $session_company_name sent you a time sensitive secure link regarding '$item_name'.<br><br>The link will expire in <strong>$item_expires_friendly</strong> and may only be viewed <strong>$item_view_limit</strong> times, before the link is destroyed. <br><br><strong><a href='$url'>Click here to access your secure content</a></strong><br><br>~<br>$session_company_name<br>Support Department<br>$config_ticket_from_email");
 
         $data = [
             [
@@ -319,7 +319,7 @@ if (isset($_GET['share_generate_link'])) {
                 'recipient' => $item_email,
                 'recipient_name' => $item_email,
                 'subject' => $subject,
-                'body' => $body,
+                'body' => $body
             ]
         ];