diff --git a/core/users/user_edit.php b/core/users/user_edit.php
index 77a7b85681..11c2e30f8e 100644
--- a/core/users/user_edit.php
+++ b/core/users/user_edit.php
@@ -45,7 +45,7 @@
}
else {
// load users own account
- header("Location: user_edit.php?id=".$_SESSION['user_uuid']);
+ header("Location: user_edit.php?id=".urlencode($_SESSION['user_uuid']));
exit;
}
@@ -206,7 +206,7 @@
//return if error
if (message::count() != 0) {
$_SESSION['tmp'][$_SERVER['PHP_SELF']]['user'] = $_POST;
- header("Location: user_edit.php".(permission_exists('user_edit') && $action != 'add' ? "?id=".$user_uuid : null));
+ header("Location: user_edit.php".(permission_exists('user_edit') && $action != 'add' ? "?id=".urlencode($user_uuid) : null));
exit;
}
@@ -666,7 +666,7 @@
echo " ";
}
if (permission_exists('ticket_add') || permission_exists('ticket_edit')) {
- echo " ";
+ echo " ";
}
echo " ";
echo "\n";
@@ -875,7 +875,7 @@
echo "
\n";
echo $text['description-contact']."\n";
if (strlen($contact_uuid) > 0) {
- echo " ".$text['description-contact_view']."\n";
+ echo " ".$text['description-contact_view']."\n";
}
echo " ";
echo " ";
@@ -930,7 +930,7 @@
echo " \n";
if (permission_exists('group_member_delete') || if_group("superadmin")) {
echo " \n";
- echo " ".$v_link_label_delete."\n";
+ echo " ".$v_link_label_delete."\n";
echo " | \n";
}
echo "\n";