From d57fcb5f69e61dd220a9b2df6b38e71e25d5e361 Mon Sep 17 00:00:00 2001
From: Nivesh Krishna <nivesh@e.email>
Date: Tue, 1 Aug 2023 13:30:58 +0530
Subject: [PATCH 1/2] encode url

---
 htdocs/helpers.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/htdocs/helpers.php b/htdocs/helpers.php
index 3f04c83..9b4436a 100644
--- a/htdocs/helpers.php
+++ b/htdocs/helpers.php
@@ -79,6 +79,7 @@ function sendInviteMail($to, $secret, $lang, ?string $referrer = null, ?string $
         $signupURL .= "&shop=$shopLocation";
     }
     $SENDGRID_API_KEY = getenv("SENDGRID_API_KEY");
+    $signupURL = urlencode($signupURL);
     if (!empty($SENDGRID_API_KEY)) {
         return sendInviteMailWithSendGrid($to, $signupURL);
     }
-- 
GitLab


From 45c0301d46585c08aa575dbf76f6eb287ee150fe Mon Sep 17 00:00:00 2001
From: Nivesh Krishna <nivesh@e.email>
Date: Tue, 1 Aug 2023 22:45:48 +0530
Subject: [PATCH 2/2] use http build query

---
 htdocs/helpers.php | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/htdocs/helpers.php b/htdocs/helpers.php
index 9b4436a..46716ed 100644
--- a/htdocs/helpers.php
+++ b/htdocs/helpers.php
@@ -65,21 +65,24 @@ function isEmailDomainBlackListed($email): bool
 
 function sendInviteMail($to, $secret, $lang, ?string $referrer = null, ?string $shopLocation = null)
 {
-    $encoded_email = urlencode($to);
     $domain = getenv("DOMAIN");
     $signupURL = "https://$domain/signup/";
     if ($lang != "en") {
         $signupURL .= "$lang/";
     }
-    $signupURL .= "register?authmail=$encoded_email&authsecret=$secret";
+    $signupURL .= "register?";
+    $query = [
+        "authmail"=> $to,
+        "authsecret"=>$secret
+        ];
     if ($referrer != null) {
-        $signupURL .= "&ref=$referrer";
+        $query["ref"] = $referrer;
     }
     if ($shopLocation) {
-        $signupURL .= "&shop=$shopLocation";
+        $query["shop"] = $shopLocation;
     }
     $SENDGRID_API_KEY = getenv("SENDGRID_API_KEY");
-    $signupURL = urlencode($signupURL);
+    $signupURL = $signupURL . http_build_query($query);
     if (!empty($SENDGRID_API_KEY)) {
         return sendInviteMailWithSendGrid($to, $signupURL);
     }
-- 
GitLab