dev/core#3001 escape single quotes when rendering tokens in html format

diff --git a/Civi/Token/TokenRow.php b/Civi/Token/TokenRow.php
index 29ad5a25592ff6b948df7b37316739ff7612fef3..67010083918f5b7b22c1aed21a6889149f1a7199 100644 (file)
--- a/Civi/Token/TokenRow.php
+++ b/Civi/Token/TokenRow.php
@@ -280,7 +280,7 @@ class TokenRow {
                 $htmlTokens[$entity][$field] = \CRM_Utils_String::purifyHTML($value);
               }
               else {
-                $htmlTokens[$entity][$field] = is_object($value) ? $value : htmlentities($value);
+                $htmlTokens[$entity][$field] = is_object($value) ? $value : htmlentities($value, ENT_QUOTES);
               }
             }
           }