Merge branch '3.3.x'

2025-06-08 04:18:52 +00:00 · 2022-04-30 22:46:05 +02:00 · 2022-04-30 22:46:05 +02:00 · 0a64ffa834
commit 0a64ffa834
parent 024b37c7b2 3308318524
54 changed files with 131 additions and 131 deletions
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@ -86,7 +86,7 @@ class acp_bbcodes
 				$display_on_posting = $request->variable('display_on_posting', 0);
 				$bbcode_match = $request->variable('bbcode_match', '');
-				$bbcode_tpl = htmlspecialchars_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT);
+				$bbcode_tpl = html_entity_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT);
 				$bbcode_helpline = $request->variable('bbcode_helpline', '', true);
 			break;
 		}
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@ -695,8 +695,8 @@ class acp_board
 				$messenger->set_addresses($user->data);
 				$messenger->anti_abuse_headers($config, $user);
 				$messenger->assign_vars(array(
-					'USERNAME'	=> htmlspecialchars_decode($user->data['username'], ENT_COMPAT),
+					'USERNAME'	=> html_entity_decode($user->data['username'], ENT_COMPAT),
-					'MESSAGE'	=> htmlspecialchars_decode($request->variable('send_test_email_text', '', true), ENT_COMPAT),
+					'MESSAGE'	=> html_entity_decode($request->variable('send_test_email_text', '', true), ENT_COMPAT),
 				));
 				$messenger->send(NOTIFY_EMAIL);
--- a/phpBB/includes/acp/acp_email.php
+++ b/phpBB/includes/acp/acp_email.php
@ -205,7 +205,7 @@ class acp_email
 				$email_template = 'admin_send_email';
 				$template_data = array(
 					'CONTACT_EMAIL' => phpbb_get_board_contact($config, $phpEx),
-					'MESSAGE'		=> htmlspecialchars_decode($message, ENT_COMPAT),
+					'MESSAGE'		=> html_entity_decode($message, ENT_COMPAT),
 				);
 				$generate_log_entry = true;
@ -252,7 +252,7 @@ class acp_email
 					$messenger->anti_abuse_headers($config, $user);
-					$messenger->subject(htmlspecialchars_decode($subject, ENT_COMPAT));
+					$messenger->subject(html_entity_decode($subject, ENT_COMPAT));
 					$messenger->set_mail_priority($priority);
 					$messenger->assign_vars($template_data);
--- a/phpBB/includes/acp/acp_help_phpbb.php
+++ b/phpBB/includes/acp/acp_help_phpbb.php
@ -90,7 +90,7 @@ class acp_help_phpbb
 			if (!empty($response))
 			{
-				$decoded_response = json_decode(htmlspecialchars_decode($response, ENT_COMPAT), true);
+				$decoded_response = json_decode(html_entity_decode($response, ENT_COMPAT), true);
 				if ($decoded_response && isset($decoded_response['status']) && $decoded_response['status'] == 'ok')
 				{
--- a/phpBB/includes/acp/acp_inactive.php
+++ b/phpBB/includes/acp/acp_inactive.php
@ -130,7 +130,7 @@ class acp_inactive
 								$messenger->anti_abuse_headers($config, $user);
 								$messenger->assign_vars(array(
-									'USERNAME'	=> htmlspecialchars_decode($row['username'], ENT_COMPAT))
+									'USERNAME'	=> html_entity_decode($row['username'], ENT_COMPAT))
 								);
 								$messenger->send(NOTIFY_EMAIL);
@ -224,7 +224,7 @@ class acp_inactive
 							$messenger->anti_abuse_headers($config, $user);
 							$messenger->assign_vars(array(
-								'USERNAME'		=> htmlspecialchars_decode($row['username'], ENT_COMPAT),
+								'USERNAME'		=> html_entity_decode($row['username'], ENT_COMPAT),
 								'REGISTER_DATE'	=> $user->format_date($row['user_regdate'], false, true),
 								'U_ACTIVATE'	=> generate_board_url() . "/ucp.$phpEx?mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey'])
 							);
--- a/phpBB/includes/acp/acp_logs.php
+++ b/phpBB/includes/acp/acp_logs.php
@ -108,7 +108,7 @@ class acp_logs
 		$sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
 		$keywords = $request->variable('keywords', '', true);
-		$keywords_param = !empty($keywords) ? '&amp;keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+		$keywords_param = !empty($keywords) ? '&amp;keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
 		$l_title = $user->lang['ACP_' . strtoupper($mode) . '_LOGS'];
 		$l_title_explain = $user->lang['ACP_' . strtoupper($mode) . '_LOGS_EXPLAIN'];
--- a/phpBB/includes/acp/acp_ranks.php
+++ b/phpBB/includes/acp/acp_ranks.php
@ -70,7 +70,7 @@ class acp_ranks
 					'rank_title'		=> $rank_title,
 					'rank_special'		=> $special_rank,
 					'rank_min'			=> $min_posts,
-					'rank_image'		=> htmlspecialchars_decode($rank_image, ENT_COMPAT)
+					'rank_image'		=> html_entity_decode($rank_image, ENT_COMPAT)
 				);
 				/**
--- a/phpBB/includes/acp/acp_users.php
+++ b/phpBB/includes/acp/acp_users.php
@ -408,8 +408,8 @@ class acp_users
 								$messenger->anti_abuse_headers($config, $user);
 								$messenger->assign_vars(array(
-									'WELCOME_MSG'	=> htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
+									'WELCOME_MSG'	=> html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
-									'USERNAME'		=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+									'USERNAME'		=> html_entity_decode($user_row['username'], ENT_COMPAT),
 									'U_ACTIVATE'	=> "$server_url/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k=$user_actkey")
 								);
@ -472,7 +472,7 @@ class acp_users
 									$messenger->anti_abuse_headers($config, $user);
 									$messenger->assign_vars(array(
-										'USERNAME'	=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT))
+										'USERNAME'	=> html_entity_decode($user_row['username'], ENT_COMPAT))
 									);
 									$messenger->send(NOTIFY_EMAIL);
--- a/phpBB/includes/functions_compatibility.php
+++ b/phpBB/includes/functions_compatibility.php
@ -723,7 +723,7 @@ function phpbb_http_login($param)
 	{
 		if ($request->is_set($k, \phpbb\request\request_interface::SERVER))
 		{
-			$username = htmlspecialchars_decode($request->server($k), ENT_COMPAT);
+			$username = html_entity_decode($request->server($k), ENT_COMPAT);
 			break;
 		}
 	}
@ -733,7 +733,7 @@ function phpbb_http_login($param)
 	{
 		if ($request->is_set($k, \phpbb\request\request_interface::SERVER))
 		{
-			$password = htmlspecialchars_decode($request->server($k), ENT_COMPAT);
+			$password = html_entity_decode($request->server($k), ENT_COMPAT);
 			break;
 		}
 	}
--- a/phpBB/includes/functions_content.php
+++ b/phpBB/includes/functions_content.php
@ -804,8 +804,8 @@ function make_clickable_callback($type, $whitespace, $url, $relative_url, $class
 	$orig_url		= $url;
 	$orig_relative	= $relative_url;
 	$append			= '';
-	$url			= htmlspecialchars_decode($url, ENT_COMPAT);
+	$url			= html_entity_decode($url, ENT_COMPAT);
-	$relative_url	= htmlspecialchars_decode($relative_url, ENT_COMPAT);
+	$relative_url	= html_entity_decode($relative_url, ENT_COMPAT);
 	// make sure no HTML entities were matched
 	$chars = array('<', '>', '"');
@ -1478,7 +1478,7 @@ function truncate_string($string, $max_length = 60, $max_store_length = 255, $al
 		$string = substr($string, 4);
 	}
-	$_chars = utf8_str_split(htmlspecialchars_decode($string, ENT_COMPAT));
+	$_chars = utf8_str_split(html_entity_decode($string, ENT_COMPAT));
 	$chars = array_map('utf8_htmlspecialchars', $_chars);
 	// Now check the length ;)
@ -1493,7 +1493,7 @@ function truncate_string($string, $max_length = 60, $max_store_length = 255, $al
 	if (utf8_strlen($string) > $max_store_length)
 	{
 		// let's split again, we do not want half-baked strings where entities are split
-		$_chars = utf8_str_split(htmlspecialchars_decode($string, ENT_COMPAT));
+		$_chars = utf8_str_split(html_entity_decode($string, ENT_COMPAT));
 		$chars = array_map('utf8_htmlspecialchars', $_chars);
 		do
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@ -320,8 +320,8 @@ class messenger
 		// We add some standard variables we always use, no need to specify them always
 		$this->assign_vars(array(
 			'U_BOARD'	=> generate_board_url(),
-			'EMAIL_SIG'	=> str_replace('<br />', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)),
+			'EMAIL_SIG'	=> str_replace('<br />', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)),
-			'SITENAME'	=> htmlspecialchars_decode($config['sitename'], ENT_COMPAT),
+			'SITENAME'	=> html_entity_decode($config['sitename'], ENT_COMPAT),
 		));
 		$subject = $this->subject;
@ -427,7 +427,7 @@ class messenger
 			$user->session_begin();
 		}
-		$calling_page = htmlspecialchars_decode($request->server('PHP_SELF'), ENT_COMPAT);
+		$calling_page = html_entity_decode($request->server('PHP_SELF'), ENT_COMPAT);
 		switch ($type)
 		{
@ -557,7 +557,7 @@ class messenger
 			$use_queue = true;
 		}
-		$contact_name = htmlspecialchars_decode($config['board_contact_name'], ENT_COMPAT);
+		$contact_name = html_entity_decode($config['board_contact_name'], ENT_COMPAT);
 		$board_contact = (($contact_name !== '') ? '"' . mail_encode($contact_name) . '" ' : '') . '<' . $config['board_contact'] . '>';
 		$break = false;
@ -691,7 +691,7 @@ class messenger
 		if (!$use_queue)
 		{
 			include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
-			$this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
+			$this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], html_entity_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
 			if (!$this->jabber->connect())
 			{
@ -889,7 +889,7 @@ class queue
 					}
 					include_once($phpbb_root_path . 'includes/functions_jabber.' . $phpEx);
-					$this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], htmlspecialchars_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
+					$this->jabber = new jabber($config['jab_host'], $config['jab_port'], $config['jab_username'], html_entity_decode($config['jab_password'], ENT_COMPAT), $config['jab_use_ssl'], $config['jab_verify_peer'], $config['jab_verify_peer_name'], $config['jab_allow_self_signed']);
 					if (!$this->jabber->connect())
 					{
@ -1206,7 +1206,7 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false)
 	}
 	// Let me in. This function handles the complete authentication process
-	if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], htmlspecialchars_decode($config['smtp_password'], ENT_COMPAT), $config['smtp_auth_method']))
+	if ($err_msg = $smtp->log_into_server($config['smtp_host'], $config['smtp_username'], html_entity_decode($config['smtp_password'], ENT_COMPAT), $config['smtp_auth_method']))
 	{
 		$smtp->close_session($err_msg);
 		return false;
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@ -1575,11 +1575,11 @@ function validate_string($string, $optional = false, $min = 0, $max = 0)
 		return false;
 	}
-	if ($min && utf8_strlen(htmlspecialchars_decode($string, ENT_COMPAT)) < $min)
+	if ($min && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) < $min)
 	{
 		return 'TOO_SHORT';
 	}
-	else if ($max && utf8_strlen(htmlspecialchars_decode($string, ENT_COMPAT)) > $max)
+	else if ($max && utf8_strlen(html_entity_decode($string, ENT_COMPAT)) > $max)
 	{
 		return 'TOO_LONG';
 	}
--- a/phpBB/includes/mcp/mcp_logs.php
+++ b/phpBB/includes/mcp/mcp_logs.php
@ -179,7 +179,7 @@ class mcp_logs
 		$sql_sort = $sort_by_sql[$sort_key] . ' ' . (($sort_dir == 'd') ? 'DESC' : 'ASC');
 		$keywords = $request->variable('keywords', '', true);
-		$keywords_param = !empty($keywords) ? '&amp;keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+		$keywords_param = !empty($keywords) ? '&amp;keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
 		// Grab log data
 		$log_data = array();
--- a/phpBB/includes/mcp/mcp_notes.php
+++ b/phpBB/includes/mcp/mcp_notes.php
@ -197,7 +197,7 @@ class mcp_notes
 		$sql_sort = $sort_by_sql[$sk] . ' ' . (($sd == 'd') ? 'DESC' : 'ASC');
 		$keywords = $request->variable('keywords', '', true);
-		$keywords_param = !empty($keywords) ? '&amp;keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+		$keywords_param = !empty($keywords) ? '&amp;keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
 		$log_data = array();
 		$log_count = 0;
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@ -447,7 +447,7 @@ class bbcode_firstpass extends bbcode
 				}
 				// Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results
-				$code = htmlspecialchars_decode($code, ENT_COMPAT);
+				$code = html_entity_decode($code, ENT_COMPAT);
 				$code = highlight_string($code, true);
 				$str_from = array('<span style="color: ', '<font color="syntax', '</font>', '<code>', '</code>','[', ']', '.', ':');
@ -1185,7 +1185,7 @@ class parse_message extends bbcode_firstpass
 		));
 		// Parse this message
-		$this->message = $parser->parse(htmlspecialchars_decode($this->message, ENT_QUOTES));
+		$this->message = $parser->parse(html_entity_decode($this->message, ENT_QUOTES));
 		// Remove quotes that are nested too deep
 		if ($config['max_quote_depth'] > 0)
--- a/phpBB/includes/questionnaire/questionnaire.php
+++ b/phpBB/includes/questionnaire/questionnaire.php
@ -150,11 +150,11 @@ class phpbb_questionnaire_system_data_provider
 		// Start discovering the IPV4 server address, if available
 		// Try apache, IIS, fall back to 0.0.0.0
-		$server_address = htmlspecialchars_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')), ENT_COMPAT);
+		$server_address = html_entity_decode($request->server('SERVER_ADDR', $request->server('LOCAL_ADDR', '0.0.0.0')), ENT_COMPAT);
 		return array(
 			'os'	=> PHP_OS,
-			'httpd'	=> htmlspecialchars_decode($request->server('SERVER_SOFTWARE'), ENT_COMPAT),
+			'httpd'	=> html_entity_decode($request->server('SERVER_SOFTWARE'), ENT_COMPAT),
 			// we don't want the real IP address (for privacy policy reasons) but only
 			// a network address to see whether your installation is running on a private or public network.
 			'private_ip'	=> $this->is_private_ip($server_address),
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@ -142,7 +142,7 @@ class ucp_activate
 			$messenger->anti_abuse_headers($config, $user);
 			$messenger->assign_vars(array(
-				'USERNAME'	=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT))
+				'USERNAME'	=> html_entity_decode($user_row['username'], ENT_COMPAT))
 			);
 			$messenger->send($user_row['user_notify_type']);
--- a/phpBB/includes/ucp/ucp_profile.php
+++ b/phpBB/includes/ucp/ucp_profile.php
@ -186,7 +186,7 @@ class ucp_profile
 							$messenger->anti_abuse_headers($config, $user);
 							$messenger->assign_vars(array(
-								'USERNAME'		=> htmlspecialchars_decode($data['username'], ENT_COMPAT),
+								'USERNAME'		=> html_entity_decode($data['username'], ENT_COMPAT),
 								'U_ACTIVATE'	=> "$server_url/ucp.$phpEx?mode=activate&u={$user->data['user_id']}&k=$user_actkey")
 							);
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@ -457,9 +457,9 @@ class ucp_register
 					$messenger->anti_abuse_headers($config, $user);
 					$messenger->assign_vars(array(
-						'WELCOME_MSG'	=> htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
+						'WELCOME_MSG'	=> html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
-						'USERNAME'		=> htmlspecialchars_decode($data['username'], ENT_COMPAT),
+						'USERNAME'		=> html_entity_decode($data['username'], ENT_COMPAT),
-						'PASSWORD'		=> htmlspecialchars_decode($data['new_password'], ENT_COMPAT),
+						'PASSWORD'		=> html_entity_decode($data['new_password'], ENT_COMPAT),
 						'U_ACTIVATE'	=> "$server_url/ucp.$phpEx?mode=activate&u=$user_id&k=$user_actkey")
 					);
--- a/phpBB/includes/ucp/ucp_resend.php
+++ b/phpBB/includes/ucp/ucp_resend.php
@ -99,8 +99,8 @@ class ucp_resend
 				$messenger->anti_abuse_headers($config, $user);
 				$messenger->assign_vars(array(
-					'WELCOME_MSG'	=> htmlspecialchars_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
+					'WELCOME_MSG'	=> html_entity_decode(sprintf($user->lang['WELCOME_SUBJECT'], $config['sitename']), ENT_COMPAT),
-					'USERNAME'		=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+					'USERNAME'		=> html_entity_decode($user_row['username'], ENT_COMPAT),
 					'U_ACTIVATE'	=> generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")
 				);
@ -134,7 +134,7 @@ class ucp_resend
 					$messenger->anti_abuse_headers($config, $user);
 					$messenger->assign_vars(array(
-						'USERNAME'			=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+						'USERNAME'			=> html_entity_decode($user_row['username'], ENT_COMPAT),
 						'U_USER_DETAILS'	=> generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$user_row['user_id']}",
 						'U_ACTIVATE'		=> generate_board_url() . "/ucp.$phpEx?mode=activate&u={$user_row['user_id']}&k={$user_row['user_actkey']}")
 					);
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@ -441,16 +441,16 @@ switch ($mode)
 						$messenger = new messenger(false);
 						$messenger->template('profile_send_im', $row['user_lang']);
-						$messenger->subject(htmlspecialchars_decode($subject, ENT_COMPAT));
+						$messenger->subject(html_entity_decode($subject, ENT_COMPAT));
 						$messenger->replyto($user->data['user_email']);
 						$messenger->set_addresses($row);
 						$messenger->assign_vars(array(
 							'BOARD_CONTACT'	=> phpbb_get_board_contact($config, $phpEx),
-							'FROM_USERNAME'	=> htmlspecialchars_decode($user->data['username'], ENT_COMPAT),
+							'FROM_USERNAME'	=> html_entity_decode($user->data['username'], ENT_COMPAT),
-							'TO_USERNAME'	=> htmlspecialchars_decode($row['username'], ENT_COMPAT),
+							'TO_USERNAME'	=> html_entity_decode($row['username'], ENT_COMPAT),
-							'MESSAGE'		=> htmlspecialchars_decode($message, ENT_COMPAT))
+							'MESSAGE'		=> html_entity_decode($message, ENT_COMPAT))
 						);
 						$messenger->send(NOTIFY_IM);
@ -803,8 +803,8 @@ switch ($mode)
 			'S_USER_NOTES'				=> ($user_notes_enabled) ? true : false,
 			'S_WARN_USER'				=> ($warn_user_enabled) ? true : false,
 			'S_ZEBRA'					=> ($user->data['user_id'] != $user_id && $user->data['is_registered'] && $zebra_enabled) ? true : false,
-			'U_ADD_FRIEND'				=> (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(htmlspecialchars_decode($member['username'], ENT_COMPAT))) : '',
+			'U_ADD_FRIEND'				=> (!$friend && !$foe && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '',
-			'U_ADD_FOE'					=> (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(htmlspecialchars_decode($member['username'], ENT_COMPAT))) : '',
+			'U_ADD_FOE'					=> (!$friend && !$foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;mode=foes&amp;add=' . urlencode(html_entity_decode($member['username'], ENT_COMPAT))) : '',
 			'U_REMOVE_FRIEND'			=> ($friend && $friends_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;usernames[]=' . $user_id) : '',
 			'U_REMOVE_FOE'				=> ($foe && $foes_enabled) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=zebra&amp;remove=1&amp;mode=foes&amp;usernames[]=' . $user_id) : '',
@ -986,7 +986,7 @@ switch ($mode)
 		{
 			$user_list[] = [
 				'user_id'		=> (int) $row['user_id'],
-				'result'		=> htmlspecialchars_decode($row['username']),
+				'result'		=> html_entity_decode($row['username']),
 				'username_full'	=> get_username_string('full', $row['user_id'], $row['username'], $row['user_colour']),
 				'display'		=> get_username_string('no_profile', $row['user_id'], $row['username'], $row['user_colour']),
 			];
--- a/phpBB/phpbb/auth/provider/apache.php
+++ b/phpBB/phpbb/auth/provider/apache.php
@ -73,7 +73,7 @@ class apache extends base
 	 */
 	public function init()
 	{
-		if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT))
+		if (!$this->request->is_set('PHP_AUTH_USER', request_interface::SERVER) || $this->user->data['username'] !== html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT))
 		{
 			return $this->language->lang('APACHE_SETUP_BEFORE_USE');
 		}
@ -113,8 +113,8 @@ class apache extends base
 			);
 		}
-		$php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
+		$php_auth_user = html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
-		$php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
+		$php_auth_pw = html_entity_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
 		if (!empty($php_auth_user) && !empty($php_auth_pw))
 		{
@ -180,8 +180,8 @@ class apache extends base
 			return array();
 		}
-		$php_auth_user = htmlspecialchars_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
+		$php_auth_user = html_entity_decode($this->request->server('PHP_AUTH_USER'), ENT_COMPAT);
-		$php_auth_pw = htmlspecialchars_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
+		$php_auth_pw = html_entity_decode($this->request->server('PHP_AUTH_PW'), ENT_COMPAT);
 		if (!empty($php_auth_user) && !empty($php_auth_pw))
 		{
--- a/phpBB/phpbb/auth/provider/ldap.php
+++ b/phpBB/phpbb/auth/provider/ldap.php
@ -83,7 +83,7 @@ class ldap extends base
 		if ($this->config['ldap_user'] || $this->config['ldap_password'])
 		{
-			if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_password'], ENT_COMPAT)))
+			if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))
 			{
 				return $this->language->lang('LDAP_INCORRECT_USER_PASSWORD');
 			}
@ -92,11 +92,11 @@ class ldap extends base
 		// ldap_connect only checks whether the specified server is valid, so the connection might still fail
 		$search = @ldap_search(
 			$ldap,
-			htmlspecialchars_decode($this->config['ldap_base_dn'], ENT_COMPAT),
+			html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),
 			$this->ldap_user_filter($this->user->data['username']),
 			(empty($this->config['ldap_email'])) ?
-				array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT)) :
+				array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) :
-				array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)),
+				array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),
 			0,
 			1
 		);
@ -115,7 +115,7 @@ class ldap extends base
 			return $this->language->lang('LDAP_NO_IDENTITY', $this->user->data['username']);
 		}
-		if (!empty($this->config['ldap_email']) && !isset($result[0][htmlspecialchars_decode($this->config['ldap_email'])]))
+		if (!empty($this->config['ldap_email']) && !isset($result[0][html_entity_decode($this->config['ldap_email'])]))
 		{
 			return $this->language->lang('LDAP_NO_EMAIL');
 		}
@ -180,7 +180,7 @@ class ldap extends base
 		if ($this->config['ldap_user'] || $this->config['ldap_password'])
 		{
-			if (!@ldap_bind($ldap, htmlspecialchars_decode($this->config['ldap_user'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_password'], ENT_COMPAT)))
+			if (!@ldap_bind($ldap, html_entity_decode($this->config['ldap_user'], ENT_COMPAT), html_entity_decode($this->config['ldap_password'], ENT_COMPAT)))
 			{
 				return array(
 					'status'		=> LOGIN_ERROR_EXTERNAL_AUTH,
@ -192,11 +192,11 @@ class ldap extends base
 		$search = @ldap_search(
 			$ldap,
-			htmlspecialchars_decode($this->config['ldap_base_dn'], ENT_COMPAT),
+			html_entity_decode($this->config['ldap_base_dn'], ENT_COMPAT),
 			$this->ldap_user_filter($username),
 			(empty($this->config['ldap_email'])) ?
-				array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT)) :
+				array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT)) :
-				array(htmlspecialchars_decode($this->config['ldap_uid'], ENT_COMPAT), htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)),
+				array(html_entity_decode($this->config['ldap_uid'], ENT_COMPAT), html_entity_decode($this->config['ldap_email'], ENT_COMPAT)),
 			0,
 			1
 		);
@ -205,7 +205,7 @@ class ldap extends base
 		if (is_array($ldap_result) && count($ldap_result) > 1)
 		{
-			if (@ldap_bind($ldap, $ldap_result[0]['dn'], htmlspecialchars_decode($password, ENT_COMPAT)))
+			if (@ldap_bind($ldap, $ldap_result[0]['dn'], html_entity_decode($password, ENT_COMPAT)))
 			{
 				@ldap_close($ldap);
@ -257,7 +257,7 @@ class ldap extends base
 					$ldap_user_row = array(
 						'username'		=> $username,
 						'user_password'	=> '',
-						'user_email'	=> (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][htmlspecialchars_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '',
+						'user_email'	=> (!empty($this->config['ldap_email'])) ? utf8_htmlspecialchars($ldap_result[0][html_entity_decode($this->config['ldap_email'], ENT_COMPAT)][0]) : '',
 						'group_id'		=> (int) $row['group_id'],
 						'user_type'		=> USER_NORMAL,
 						'user_ip'		=> $this->user->ip,
@ -337,7 +337,7 @@ class ldap extends base
 	 */
 	private function ldap_user_filter($username)
 	{
-		$filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(htmlspecialchars_decode($username, ENT_COMPAT)) . ')';
+		$filter = '(' . $this->config['ldap_uid'] . '=' . $this->ldap_escape(html_entity_decode($username, ENT_COMPAT)) . ')';
 		if ($this->config['ldap_user_filter'])
 		{
 			$_filter = ($this->config['ldap_user_filter'][0] == '(' && substr($this->config['ldap_user_filter'], -1) == ')') ? $this->config['ldap_user_filter'] : "({$this->config['ldap_user_filter']})";
--- a/phpBB/phpbb/console/command/user/activate.php
+++ b/phpBB/phpbb/console/command/user/activate.php
@ -204,7 +204,7 @@ class activate extends command
 			$messenger->set_addresses($user_row);
 			$messenger->anti_abuse_headers($this->config, $this->user);
 			$messenger->assign_vars(array(
-					'USERNAME'	=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT))
+					'USERNAME'	=> html_entity_decode($user_row['username'], ENT_COMPAT))
 			);
 			$messenger->send(NOTIFY_EMAIL);
--- a/phpBB/phpbb/console/command/user/add.php
+++ b/phpBB/phpbb/console/command/user/add.php
@ -313,9 +313,9 @@ class add extends command
 		$messenger->to($this->data['email'], $this->data['username']);
 		$messenger->anti_abuse_headers($this->config, $this->user);
 		$messenger->assign_vars(array(
-			'WELCOME_MSG' => htmlspecialchars_decode($this->language->lang('WELCOME_SUBJECT', $this->config['sitename']), ENT_COMPAT),
+			'WELCOME_MSG' => html_entity_decode($this->language->lang('WELCOME_SUBJECT', $this->config['sitename']), ENT_COMPAT),
-			'USERNAME'    => htmlspecialchars_decode($this->data['username'], ENT_COMPAT),
+			'USERNAME'    => html_entity_decode($this->data['username'], ENT_COMPAT),
-			'PASSWORD'    => htmlspecialchars_decode($this->data['new_password'], ENT_COMPAT),
+			'PASSWORD'    => html_entity_decode($this->data['new_password'], ENT_COMPAT),
 			'U_ACTIVATE'  => generate_board_url() . "/ucp.{$this->php_ext}?mode=activate&u=$user_id&k=$user_actkey")
 		);
--- a/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php
+++ b/phpBB/phpbb/install/helper/iohandler/ajax_iohandler.php
@ -418,7 +418,7 @@ class ajax_iohandler extends iohandler_base
 		if ($msg !== null)
 		{
-			$link_properties['msg'] = htmlspecialchars_decode($this->language->lang($msg), ENT_COMPAT);
+			$link_properties['msg'] = html_entity_decode($this->language->lang($msg), ENT_COMPAT);
 		}
 		$this->download[] = $link_properties;
--- a/phpBB/phpbb/install/helper/iohandler/iohandler_base.php
+++ b/phpBB/phpbb/install/helper/iohandler/iohandler_base.php
@ -108,7 +108,7 @@ abstract class iohandler_base implements iohandler_interface
 	{
 		if (!is_array($error_title) && strpos($error_title, '<br />') !== false)
 		{
-			$error_title = strip_tags(htmlspecialchars_decode($error_title, ENT_COMPAT));
+			$error_title = strip_tags(html_entity_decode($error_title, ENT_COMPAT));
 		}
 		$this->errors[] = $this->translate_message($error_title, $error_description);
 	}
--- a/phpBB/phpbb/install/module/install_finish/task/notify_user.php
+++ b/phpBB/phpbb/install/module/install_finish/task/notify_user.php
@ -114,8 +114,8 @@ class notify_user extends \phpbb\install\task_base
 			$messenger->to($this->config['board_email'], $this->install_config->get('admin_name'));
 			$messenger->anti_abuse_headers($this->config, $this->user);
 			$messenger->assign_vars(array(
-					'USERNAME'		=> htmlspecialchars_decode($this->install_config->get('admin_name'), ENT_COMPAT),
+					'USERNAME'		=> html_entity_decode($this->install_config->get('admin_name'), ENT_COMPAT),
-					'PASSWORD'		=> htmlspecialchars_decode($this->install_config->get('admin_passwd'), ENT_COMPAT))
+					'PASSWORD'		=> html_entity_decode($this->install_config->get('admin_passwd'), ENT_COMPAT))
 			);
 			$messenger->send(NOTIFY_EMAIL);
 		}
--- a/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php
+++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_server_data.php
@ -54,7 +54,7 @@ class obtain_server_data extends \phpbb\install\task_base implements \phpbb\inst
 		$server_port = $this->io_handler->get_server_variable('SERVER_PORT', 0);
 		// HTTP_HOST is having the correct browser url in most cases...
-		$server_name = strtolower(htmlspecialchars_decode($this->io_handler->get_header_variable(
+		$server_name = strtolower(html_entity_decode($this->io_handler->get_header_variable(
 			'Host',
 			$this->io_handler->get_server_variable('SERVER_NAME')
 		), ENT_COMPAT));
@ -65,11 +65,11 @@ class obtain_server_data extends \phpbb\install\task_base implements \phpbb\inst
 			$server_name = substr($server_name, 0, strpos($server_name, ':'));
 		}
-		$script_path = htmlspecialchars_decode($this->io_handler->get_server_variable('PHP_SELF'), ENT_COMPAT);
+		$script_path = html_entity_decode($this->io_handler->get_server_variable('PHP_SELF'), ENT_COMPAT);
 		if (!$script_path)
 		{
-			$script_path = htmlspecialchars_decode($this->io_handler->get_server_variable('REQUEST_URI'), ENT_COMPAT);
+			$script_path = html_entity_decode($this->io_handler->get_server_variable('REQUEST_URI'), ENT_COMPAT);
 		}
 		$script_path = str_replace(array('\\', '//'), '/', $script_path);
--- a/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php
+++ b/phpBB/phpbb/install/module/obtain_data/task/obtain_update_ftp_data.php
@ -87,7 +87,7 @@ class obtain_update_ftp_data extends task_base
 			$ftp_host = $this->iohandler->get_input('ftp_host', '', true);
 			$ftp_user = $this->iohandler->get_input('ftp_user', '', true);
-			$ftp_pass = htmlspecialchars_decode($this->iohandler->get_input('ftp_pass', '', true), ENT_COMPAT);
+			$ftp_pass = html_entity_decode($this->iohandler->get_input('ftp_pass', '', true), ENT_COMPAT);
 			$ftp_path = $this->iohandler->get_input('ftp_path', '', true);
 			$ftp_port = $this->iohandler->get_input('ftp_port', 21);
 			$ftp_time = $this->iohandler->get_input('ftp_timeout', 10);
--- a/phpBB/phpbb/message/message.php
+++ b/phpBB/phpbb/message/message.php
@ -262,13 +262,13 @@ class message
 				$messenger->headers('X-AntiAbuse: Username - ' . $this->sender_username);
 			}
-			$messenger->subject(htmlspecialchars_decode($this->subject, ENT_COMPAT));
+			$messenger->subject(html_entity_decode($this->subject, ENT_COMPAT));
 			$messenger->assign_vars(array(
 				'BOARD_CONTACT'	=> $contact,
-				'TO_USERNAME'	=> htmlspecialchars_decode($recipient['to_name'], ENT_COMPAT),
+				'TO_USERNAME'	=> html_entity_decode($recipient['to_name'], ENT_COMPAT),
-				'FROM_USERNAME'	=> htmlspecialchars_decode($this->sender_name, ENT_COMPAT),
+				'FROM_USERNAME'	=> html_entity_decode($this->sender_name, ENT_COMPAT),
-				'MESSAGE'		=> htmlspecialchars_decode($this->body, ENT_COMPAT))
+				'MESSAGE'		=> html_entity_decode($this->body, ENT_COMPAT))
 			);
 			if (count($this->template_vars))
--- a/phpBB/phpbb/message/topic_form.php
+++ b/phpBB/phpbb/message/topic_form.php
@ -122,7 +122,7 @@ class topic_form extends form
 		$this->message->set_template('email_notify');
 		$this->message->set_template_vars(array(
-			'TOPIC_NAME'	=> htmlspecialchars_decode($this->topic_row['topic_title'], ENT_COMPAT),
+			'TOPIC_NAME'	=> html_entity_decode($this->topic_row['topic_title'], ENT_COMPAT),
 			'U_TOPIC'		=> generate_board_url() . '/viewtopic.' . $this->phpEx . '?t=' . $this->topic_id,
 		));
 		$this->message->set_body($this->body);
--- a/phpBB/phpbb/notification/type/admin_activate_user.php
+++ b/phpBB/phpbb/notification/type/admin_activate_user.php
@ -150,7 +150,7 @@ class admin_activate_user extends \phpbb\notification\type\base
 		$username = $this->user_loader->get_username($this->item_id, 'username');
 		return array(
-			'USERNAME'			=> htmlspecialchars_decode($username, ENT_COMPAT),
+			'USERNAME'			=> html_entity_decode($username, ENT_COMPAT),
 			'U_USER_DETAILS'	=> "{$board_url}/memberlist.{$this->php_ext}?mode=viewprofile&u={$this->item_id}",
 			'U_ACTIVATE'		=> "{$board_url}/ucp.{$this->php_ext}?mode=activate&u={$this->item_id}&k={$this->get_data('user_actkey')}",
 		);
--- a/phpBB/phpbb/notification/type/disapprove_post.php
+++ b/phpBB/phpbb/notification/type/disapprove_post.php
@ -120,7 +120,7 @@ class disapprove_post extends \phpbb\notification\type\approve_post
 	public function get_email_template_variables()
 	{
 		return array_merge(parent::get_email_template_variables(), array(
-			'REASON'	=> htmlspecialchars_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
+			'REASON'	=> html_entity_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
 		));
 	}
--- a/phpBB/phpbb/notification/type/disapprove_topic.php
+++ b/phpBB/phpbb/notification/type/disapprove_topic.php
@ -120,7 +120,7 @@ class disapprove_topic extends \phpbb\notification\type\approve_topic
 	public function get_email_template_variables()
 	{
 		return array_merge(parent::get_email_template_variables(), array(
-			'REASON'			=> htmlspecialchars_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
+			'REASON'			=> html_entity_decode($this->get_data('disapprove_reason'), ENT_COMPAT),
 		));
 	}
--- a/phpBB/phpbb/notification/type/forum.php
+++ b/phpBB/phpbb/notification/type/forum.php
@ -130,10 +130,10 @@ class forum extends \phpbb\notification\type\post
 		}
 		return [
-			'AUTHOR_NAME'				=> htmlspecialchars_decode($username, ENT_COMPAT),
+			'AUTHOR_NAME'				=> html_entity_decode($username, ENT_COMPAT),
-			'FORUM_NAME'				=> htmlspecialchars_decode(censor_text($this->get_data('forum_name')), ENT_COMPAT),
+			'FORUM_NAME'				=> html_entity_decode(censor_text($this->get_data('forum_name')), ENT_COMPAT),
-			'POST_SUBJECT'				=> htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+			'POST_SUBJECT'				=> html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
-			'TOPIC_TITLE'				=> htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+			'TOPIC_TITLE'				=> html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
 			'U_VIEW_POST'				=> generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
 			'U_NEWEST_POST'				=> generate_board_url() . "/viewtopic.{$this->php_ext}?t={$this->item_parent_id}&e=1&view=unread#unread",
--- a/phpBB/phpbb/notification/type/group_request.php
+++ b/phpBB/phpbb/notification/type/group_request.php
@ -133,8 +133,8 @@ class group_request extends \phpbb\notification\type\base
 		$user_data = $this->user_loader->get_user($this->item_id);
 		return array(
-			'GROUP_NAME'		   		=> htmlspecialchars_decode($this->get_data('group_name'), ENT_COMPAT),
+			'GROUP_NAME'		   		=> html_entity_decode($this->get_data('group_name'), ENT_COMPAT),
-			'REQUEST_USERNAME' 	   		=> htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
+			'REQUEST_USERNAME' 	   		=> html_entity_decode($user_data['username'], ENT_COMPAT),
 			'U_PENDING'			  		=> generate_board_url() . "/ucp.{$this->php_ext}?i=groups&mode=manage&action=list&g={$this->item_parent_id}",
 			'U_GROUP'					=> generate_board_url() . "/memberlist.{$this->php_ext}?mode=group&g={$this->item_parent_id}",
--- a/phpBB/phpbb/notification/type/pm.php
+++ b/phpBB/phpbb/notification/type/pm.php
@ -164,8 +164,8 @@ class pm extends \phpbb\notification\type\base
 		$user_data = $this->user_loader->get_user($this->get_data('from_user_id'));
 		return array(
-			'AUTHOR_NAME'				=> htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
+			'AUTHOR_NAME'				=> html_entity_decode($user_data['username'], ENT_COMPAT),
-			'SUBJECT'					=> htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+			'SUBJECT'					=> html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
 			'U_VIEW_MESSAGE'			=> generate_board_url() . '/ucp.' . $this->php_ext . "?i=pm&mode=view&p={$this->item_id}",
 		);
--- a/phpBB/phpbb/notification/type/post.php
+++ b/phpBB/phpbb/notification/type/post.php
@ -262,9 +262,9 @@ class post extends \phpbb\notification\type\base
 		}
 		return array(
-			'AUTHOR_NAME'				=> htmlspecialchars_decode($username, ENT_COMPAT),
+			'AUTHOR_NAME'				=> html_entity_decode($username, ENT_COMPAT),
-			'POST_SUBJECT'				=> htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+			'POST_SUBJECT'				=> html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
-			'TOPIC_TITLE'				=> htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+			'TOPIC_TITLE'				=> html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
 			'U_VIEW_POST'				=> generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
 			'U_NEWEST_POST'				=> generate_board_url() . "/viewtopic.{$this->php_ext}?t={$this->item_parent_id}&e=1&view=unread#unread",
--- a/phpBB/phpbb/notification/type/quote.php
+++ b/phpBB/phpbb/notification/type/quote.php
@ -168,7 +168,7 @@ class quote extends \phpbb\notification\type\post
 		$user_data = $this->user_loader->get_user($this->get_data('poster_id'));
 		return array_merge(parent::get_email_template_variables(), array(
-			'AUTHOR_NAME'		=> htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
+			'AUTHOR_NAME'		=> html_entity_decode($user_data['username'], ENT_COMPAT),
 		));
 	}
--- a/phpBB/phpbb/notification/type/report_pm.php
+++ b/phpBB/phpbb/notification/type/report_pm.php
@ -143,11 +143,11 @@ class report_pm extends \phpbb\notification\type\pm
 		$user_data = $this->user_loader->get_user($this->get_data('from_user_id'));
 		return [
-			'AUTHOR_NAME'	=> htmlspecialchars_decode($user_data['username'], ENT_COMPAT),
+			'AUTHOR_NAME'	=> html_entity_decode($user_data['username'], ENT_COMPAT),
-			'SUBJECT'		=> htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+			'SUBJECT'		=> html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
 			/** @deprecated	3.2.6-RC1	(to be removed in 4.0.0) use {SUBJECT} instead in report_pm.txt */
-			'TOPIC_TITLE'	=> htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+			'TOPIC_TITLE'	=> html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
 			'U_VIEW_REPORT'	=> generate_board_url() . "/mcp.{$this->php_ext}?r={$this->item_parent_id}&i=pm_reports&mode=pm_report_details",
 		];
--- a/phpBB/phpbb/notification/type/report_pm_closed.php
+++ b/phpBB/phpbb/notification/type/report_pm_closed.php
@ -104,9 +104,9 @@ class report_pm_closed extends \phpbb\notification\type\pm
 		$closer_username = $this->user_loader->get_username($this->get_data('closer_id'), 'username');
 		return [
-			'AUTHOR_NAME'	=> htmlspecialchars_decode($sender_username, ENT_COMPAT),
+			'AUTHOR_NAME'	=> html_entity_decode($sender_username, ENT_COMPAT),
-			'CLOSER_NAME'	=> htmlspecialchars_decode($closer_username, ENT_COMPAT),
+			'CLOSER_NAME'	=> html_entity_decode($closer_username, ENT_COMPAT),
-			'SUBJECT'		=> htmlspecialchars_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
+			'SUBJECT'		=> html_entity_decode(censor_text($this->get_data('message_subject')), ENT_COMPAT),
 			'U_VIEW_MESSAGE'=> generate_board_url() . "/ucp.{$this->php_ext}?i=pm&amp;mode=view&amp;p={$this->item_id}",
 		];
--- a/phpBB/phpbb/notification/type/report_post.php
+++ b/phpBB/phpbb/notification/type/report_post.php
@ -110,8 +110,8 @@ class report_post extends \phpbb\notification\type\post_in_queue
 		$board_url = generate_board_url();
 		return array(
-			'POST_SUBJECT'				=> htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+			'POST_SUBJECT'				=> html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
-			'TOPIC_TITLE'				=> htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+			'TOPIC_TITLE'				=> html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
 			'U_VIEW_REPORT'				=> "{$board_url}/mcp.{$this->php_ext}?p={$this->item_id}&i=reports&mode=report_details#reports",
 			'U_VIEW_POST'				=> "{$board_url}/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
--- a/phpBB/phpbb/notification/type/report_post_closed.php
+++ b/phpBB/phpbb/notification/type/report_post_closed.php
@ -111,10 +111,10 @@ class report_post_closed extends \phpbb\notification\type\post
 		$closer_username = $this->user_loader->get_username($this->get_data('closer_id'), 'username');
 		return [
-			'AUTHOR_NAME'	=> htmlspecialchars_decode($post_username, ENT_COMPAT),
+			'AUTHOR_NAME'	=> html_entity_decode($post_username, ENT_COMPAT),
-			'CLOSER_NAME'	=> htmlspecialchars_decode($closer_username, ENT_COMPAT),
+			'CLOSER_NAME'	=> html_entity_decode($closer_username, ENT_COMPAT),
-			'POST_SUBJECT'	=> htmlspecialchars_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
+			'POST_SUBJECT'	=> html_entity_decode(censor_text($this->get_data('post_subject')), ENT_COMPAT),
-			'TOPIC_TITLE'	=> htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+			'TOPIC_TITLE'	=> html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
 			'U_VIEW_POST'	=> generate_board_url() . "/viewtopic.{$this->php_ext}?p={$this->item_id}#p{$this->item_id}",
 		];
--- a/phpBB/phpbb/notification/type/topic.php
+++ b/phpBB/phpbb/notification/type/topic.php
@ -217,9 +217,9 @@ class topic extends \phpbb\notification\type\base
 		}
 		return array(
-			'AUTHOR_NAME'				=> htmlspecialchars_decode($username, ENT_COMPAT),
+			'AUTHOR_NAME'				=> html_entity_decode($username, ENT_COMPAT),
-			'FORUM_NAME'				=> htmlspecialchars_decode($this->get_data('forum_name'), ENT_COMPAT),
+			'FORUM_NAME'				=> html_entity_decode($this->get_data('forum_name'), ENT_COMPAT),
-			'TOPIC_TITLE'				=> htmlspecialchars_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
+			'TOPIC_TITLE'				=> html_entity_decode(censor_text($this->get_data('topic_title')), ENT_COMPAT),
 			'U_TOPIC'					=> "{$board_url}/viewtopic.{$this->php_ext}?t={$this->item_id}",
 			'U_VIEW_TOPIC'				=> "{$board_url}/viewtopic.{$this->php_ext}?t={$this->item_id}",
--- a/phpBB/phpbb/plupload/plupload.php
+++ b/phpBB/phpbb/plupload/plupload.php
@ -163,7 +163,7 @@ class plupload
 			'S_PLUPLOAD'		=> true,
 			'FILTERS'			=> $filters,
 			'CHUNK_SIZE'		=> $chunk_size,
-			'S_PLUPLOAD_URL'	=> htmlspecialchars_decode($s_action, ENT_COMPAT),
+			'S_PLUPLOAD_URL'	=> html_entity_decode($s_action, ENT_COMPAT),
 			'MAX_ATTACHMENTS'	=> $max_files,
 			'ATTACH_ORDER'		=> ($this->config['display_order']) ? 'asc' : 'desc',
 			'L_TOO_MANY_ATTACHMENTS'	=> $this->user->lang('TOO_MANY_ATTACHMENTS', $max_files),
--- a/phpBB/phpbb/search/backend/fulltext_mysql.php
+++ b/phpBB/phpbb/search/backend/fulltext_mysql.php
@ -215,7 +215,7 @@ class fulltext_mysql extends base implements search_backend_interface
 		}
 		// Filter out as above
-		$split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords, ENT_COMPAT)));
+		$split_keywords = preg_replace("#[\n\r\t]+#", ' ', trim(html_entity_decode($keywords, ENT_COMPAT)));
 		// Split words
 		$split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
@ -537,7 +537,7 @@ class fulltext_mysql extends base implements search_backend_interface
 		$sql = "SELECT $sql_select
 			FROM $sql_from$sql_sort_table" . POSTS_TABLE . " p
-			WHERE MATCH ($sql_match) AGAINST ('" . $this->db->sql_escape(htmlspecialchars_decode($this->search_query, ENT_COMPAT)) . "' IN BOOLEAN MODE)
+			WHERE MATCH ($sql_match) AGAINST ('" . $this->db->sql_escape(html_entity_decode($this->search_query, ENT_COMPAT)) . "' IN BOOLEAN MODE)
 				$sql_where_options
 			ORDER BY $sql_sort";
 		$this->db->sql_return_on_error(true);
--- a/phpBB/phpbb/search/backend/fulltext_native.php
+++ b/phpBB/phpbb/search/backend/fulltext_native.php
@ -1786,7 +1786,7 @@ class fulltext_native extends base implements search_backend_interface
 		/**
 		* Replace HTML entities and NCRs
 		*/
-		$text = htmlspecialchars_decode(utf8_decode_ncr($text), ENT_QUOTES);
+		$text = html_entity_decode(utf8_decode_ncr($text), ENT_QUOTES);
 		/**
 		* Normalize to NFC
--- a/phpBB/phpbb/search/backend/fulltext_postgres.php
+++ b/phpBB/phpbb/search/backend/fulltext_postgres.php
@ -178,7 +178,7 @@ class fulltext_postgres extends base implements search_backend_interface
 		}
 		// Filter out as above
-		$split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', trim(htmlspecialchars_decode($keywords, ENT_COMPAT)));
+		$split_keywords = preg_replace("#[\"\n\r\t]+#", ' ', trim(html_entity_decode($keywords, ENT_COMPAT)));
 		// Split words
 		$split_keywords = preg_replace('#([^\p{L}\p{N}\'*"()])#u', '$1$1', str_replace('\'\'', '\' \'', trim($split_keywords)));
--- a/phpBB/phpbb/session.php
+++ b/phpBB/phpbb/session.php
@ -52,7 +52,7 @@ class session
 		// If we are unable to get the script name we use REQUEST_URI as a failover and note it within the page array for easier support...
 		if (!$script_name)
 		{
-			$script_name = htmlspecialchars_decode($request->server('REQUEST_URI'), ENT_COMPAT);
+			$script_name = html_entity_decode($request->server('REQUEST_URI'), ENT_COMPAT);
 			$script_name = (($pos = strpos($script_name, '?')) !== false) ? substr($script_name, 0, $pos) : $script_name;
 			$page_array['failover'] = 1;
 		}
@ -169,7 +169,7 @@ class session
 		global $config, $request;
 		// Get hostname
-		$host = htmlspecialchars_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT);
+		$host = html_entity_decode($request->header('Host', $request->server('SERVER_NAME')), ENT_COMPAT);
 		// Should be a string and lowered
 		$host = (string) strtolower($host);
@ -292,7 +292,7 @@ class session
 		// Why no forwarded_for et al? Well, too easily spoofed. With the results of my recent requests
 		// it's pretty clear that in the majority of cases you'll at least be left with a proxy/cache ip.
-		$ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'), ENT_COMPAT);
+		$ip = html_entity_decode($request->server('REMOTE_ADDR'), ENT_COMPAT);
 		$ip = preg_replace('# {2,}#', ' ', str_replace(',', ' ', $ip));
 		/**
--- a/phpBB/phpbb/textformatter/data_access.php
+++ b/phpBB/phpbb/textformatter/data_access.php
@ -226,7 +226,7 @@ class data_access
 		{
 			foreach ($columns as $column)
 			{
-				$row[$column] = htmlspecialchars_decode($row[$column], ENT_COMPAT);
+				$row[$column] = html_entity_decode($row[$column], ENT_COMPAT);
 			}
 		}
--- a/phpBB/phpbb/ucp/controller/reset_password.php
+++ b/phpBB/phpbb/ucp/controller/reset_password.php
@ -265,7 +265,7 @@ class reset_password
 				$messenger->anti_abuse_headers($this->config, $this->user);
 				$messenger->assign_vars([
-						'USERNAME'			=> htmlspecialchars_decode($user_row['username'], ENT_COMPAT),
+						'USERNAME'			=> html_entity_decode($user_row['username'], ENT_COMPAT),
 						'U_RESET_PASSWORD'	=> generate_board_url(true) . $this->helper->route('phpbb_ucp_reset_password_controller', [
 							'u'		=> $user_row['user_id'],
 							'token'	=> $reset_token,
--- a/phpBB/search.php
+++ b/phpBB/search.php
@ -680,16 +680,16 @@ if ($keywords || $author || $author_id || $search_id || $submit)
 	$hilit = phpbb_clean_search_string(str_replace(array('+', '-', '|', '(', ')', '&quot;'), ' ', $keywords));
 	$hilit = str_replace(' ', '|', $hilit);
-	$u_hilit = urlencode(htmlspecialchars_decode(str_replace('|', ' ', $hilit), ENT_COMPAT));
+	$u_hilit = urlencode(html_entity_decode(str_replace('|', ' ', $hilit), ENT_COMPAT));
 	$u_show_results = '&amp;sr=' . $show_results;
 	$u_search_forum = implode('&amp;fid%5B%5D=', $search_forum);
 	$u_search = append_sid("{$phpbb_root_path}search.$phpEx", $u_sort_param . $u_show_results);
 	$u_search .= ($search_id) ? '&amp;search_id=' . $search_id : '';
-	$u_search .= ($u_hilit) ? '&amp;keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)) : '';
+	$u_search .= ($u_hilit) ? '&amp;keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)) : '';
 	$u_search .= ($search_terms != 'all') ? '&amp;terms=' . $search_terms : '';
 	$u_search .= ($topic_id) ? '&amp;t=' . $topic_id : '';
-	$u_search .= ($author) ? '&amp;author=' . urlencode(htmlspecialchars_decode($author, ENT_COMPAT)) : '';
+	$u_search .= ($author) ? '&amp;author=' . urlencode(html_entity_decode($author, ENT_COMPAT)) : '';
 	$u_search .= ($author_id) ? '&amp;author_id=' . $author_id : '';
 	$u_search .= ($u_search_forum) ? '&amp;fid%5B%5D=' . $u_search_forum : '';
 	$u_search .= (!$search_child) ? '&amp;sc=0' : '';
@ -1571,7 +1571,7 @@ if ($auth->acl_get('a_search'))
 			'KEYWORDS'	=> $keywords,
 			'TIME'		=> $user->format_date($row['search_time']),
-			'U_KEYWORDS'	=> append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(htmlspecialchars_decode($keywords, ENT_COMPAT)))
+			'U_KEYWORDS'	=> append_sid("{$phpbb_root_path}search.$phpEx", 'keywords=' . urlencode(html_entity_decode($keywords, ENT_COMPAT)))
 		));
 	}
 	$db->sql_freeresult($result);
--- a/tests/email/email_parsing_test.php
+++ b/tests/email/email_parsing_test.php
@ -122,8 +122,8 @@ class phpbb_email_parsing_test extends phpbb_test_case
 		$this->messenger->set_addresses($user->data);
 		$this->messenger->assign_vars(array(
-			'EMAIL_SIG'	=> str_replace('<br />', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)),
+			'EMAIL_SIG'	=> str_replace('<br />', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)),
-			'SITENAME'	=> htmlspecialchars_decode($config['sitename'], ENT_COMPAT),
+			'SITENAME'	=> html_entity_decode($config['sitename'], ENT_COMPAT),
 			'AUTHOR_NAME'				=> $author_name,
 			'FORUM_NAME'				=> $forum_name,
@ -142,8 +142,8 @@ class phpbb_email_parsing_test extends phpbb_test_case
 		$this->assertStringContainsString($forum_name, $msg);
 		$this->assertStringContainsString($topic_title, $msg);
 		$this->assertStringContainsString($username, $msg);
-		$this->assertStringContainsString(htmlspecialchars_decode($config['sitename'], ENT_COMPAT), $msg);
+		$this->assertStringContainsString(html_entity_decode($config['sitename'], ENT_COMPAT), $msg);
-		$this->assertStringContainsString(str_replace('<br />', "\n", "-- \n" . htmlspecialchars_decode($config['board_email_sig'], ENT_COMPAT)), $msg);
+		$this->assertStringContainsString(str_replace('<br />', "\n", "-- \n" . html_entity_decode($config['board_email_sig'], ENT_COMPAT)), $msg);
 		$this->assertStringNotContainsString('EMAIL_SIG', $msg);
 		$this->assertStringNotContainsString('U_STOP_WATCHING_FORUM', $msg);
 	}