From 3c216d9b7cf827e505423732a7dc5c55d7342828 Mon Sep 17 00:00:00 2001
From: Tomo Norman <tomo.l.norman@gmail.com>
Date: Wed, 20 Jul 2022 20:48:31 +0900
Subject: [PATCH] DP-542 Fix email sanitization issues

---
 src/Components/Registrar.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/Components/Registrar.php b/src/Components/Registrar.php
index 38f3563f..58a5aa0f 100644
--- a/src/Components/Registrar.php
+++ b/src/Components/Registrar.php
@@ -122,12 +122,12 @@ protected static function sendConfirmation($user, $emailServiceId, $emailTemplat
                     'link'           => url(\Config::get('df.confirm_register_url')) .
                         '?code=' . $user->confirm_code .
                         '&email=' . $email .
-                        '&username=' . $user->username,
-                    'first_name'     => $user->first_name,
-                    'last_name'      => $user->last_name,
-                    'name'           => $user->name,
+                        '&username=' . strip_tags($user->username),
+                    'first_name'     => strip_tags($user->first_name),
+                    'last_name'      => strip_tags($user->last_name),
+                    'name'           => strip_tags($user->name),
                     'email'          => $user->email,
-                    'phone'          => $user->phone,
+                    'phone'          => strip_tags($user->phone),
                     'content_header' => array_get($templateData, 'subject', 'Confirm your DreamFactory account.'),
                     'app_name'       => \Config::get('app.name'),
                     'instance_name'  => \Config::get('app.name'), // older templates