| Field | Value |
|---|---|
| ID | 0000351 |
| Category | [Piwigo] display |
| Severity | minor |
| Reproducibility | always |
| Date Submitted | 2006.04.25 01:36 |
| Last Update | 2006.06.04 10:49 |
| Reporter | rvelices |
| View Status | public |
| Assigned To | chrisaga |
| Priority | normal |
| Resolution | fixed |
| Status | closed |
| Projection | none |
| ETA | none |
| Fixed in Version | 1.6.0RC2 |
| Product Version | 1.6.0RC1 |
| Summary | 0000351: htmlentities should not be applied to comments |
| Description | in parse_comment_content: we put html code for urls, underline, bold and italic and then we call htmlentities on the result? |
| Tags | No tags attached. |
| browser | any |
| Web server | Apache 1.3.x |

Notes

(0000848) rvelices (developer) 2006.04.25 02:00
Forgot to say that htmlspecialchars is already applied to the comment before being inserted in the database.

(0000853) chrisaga (developer) 2006.04.25 22:27
Must use htmlentities() before setting the html tags
Fixed in 1.6 ([Subversion] r1271)
merged in BSF ([Subversion] r1272)

(0000854) rvelices (developer) 2006.04.25 22:59 edited on: 2006.04.25 23:00
> Must use htmlentities() before setting the html tags

In fact no. If you input a comment "me & you" it will be saved in the database as "me &amp; you" (I don't think it is a good idea, but this is the way it is today). Applying htmlentities a second time is not good. However svn versions are ok because you are calling the htmlentities but you don't assign the result to anything. I let you close this bug if you agree.

(0000856) chrisaga (developer) 2006.04.26 07:54
OK, I was too fast on this one <:o(
useless code removed in 1.6 ([Subversion] r1275)
merged in BSF ([Subversion] r1276)
In fact I was disturbed by the fact that bold (*world*) patterns don't seem to work. Do they?

(0001015) chrisaga (developer) 2006.06.04 10:49
Should have been closed long ago
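
An added example (not Piwigo's code) of the ordering discussed in notes 0000848 to 0000854: the comment is escaped once when stored, and the display step either only generates tags or wrongly runs htmlentities again over the generated HTML. The function names, the `*word*` bold regex and the sample comments are assumptions made for illustration.

```php
<?php
// Added illustration; function names and the bold regex are assumptions,
// not Piwigo's parse_comment_content().

// Storage step (per note 0000848): escape once, before the database insert.
function store_comment(string $raw): string {
    return htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
}

// Display step: generate markup from the already-escaped text.
// Only bold is shown here: *word* becomes <b>word</b>.
function add_markup(string $stored): string {
    return preg_replace('/\*(\w[^*\n]*)\*/', '<b>$1</b>', $stored);
}

// Reported behaviour: encode again after the tags were generated.
// The generated <b> tags get escaped and "&amp;" becomes "&amp;amp;".
function render_double_encoded(string $stored): string {
    return htmlentities(add_markup($stored), ENT_QUOTES, 'UTF-8');
}

// Behaviour without the second call: the stored text is already escaped,
// so user-typed tags stay inert and only the generated tags are live.
function render_once(string $stored): string {
    return add_markup($stored);
}

// Constructed sample comments.
$samples = [
    'me & you',
    'hello *world*',
    '<i>typed by user</i> *bold*',
];

foreach ($samples as $raw) {
    $stored = store_comment($raw);
    echo "raw:    $raw\n";
    echo "stored: $stored\n";
    echo "double: " . render_double_encoded($stored) . "\n";
    echo "once:   " . render_once($stored) . "\n\n";
}
```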