Author |
Message |
Dawg
RavenNuke(tm) Development Team

Joined: Nov 07, 2003
Posts: 928
|
Posted:
Mon Jan 14, 2008 8:22 am |
|
I don't know if this is a bug or just me....
but I have an advertiser that has a url that looks like this....
/content.asp?nav=96040&cpid=4911&isPreview=True
So I put it in the Advertising MOD for his banner to link to and I get this...
/content.asp?nav=96040&amp;cpid=4911&amp;isPreview=True
I have also tried using the & when I input the url....
I know what it is doing and I know why it is doing it.
My question is how do we make the link work once it comes out?
Is this a "Bug"?
Dawg |
|
|
|
 |
technocrat
Life Cycles Becoming CPU Cycles

Joined: Jul 07, 2005
Posts: 511
|
Posted:
Mon Jan 14, 2008 11:56 am |
|
This should only be used in links on a page. It makes the link HTML compliant is all. |
|
|
 |
kguske
Site Admin

Joined: Jun 04, 2004
Posts: 6437
|
Posted:
Mon Jan 14, 2008 11:58 am |
|
It's definitely a bug if you're putting it as & and it's coming out as &amp;, causing the link to fail. |
_________________ I search, therefore I exist...
|
|
 |
Dawg

|
Posted:
Mon Jan 14, 2008 6:05 pm |
|
Well I found one then.....now the 500 dollar question....what do I need to do to fix it?
I can go look through the code.....what am I looking for?
Dawg |
|
|
|
 |
montego
Site Admin

Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
|
Posted:
Tue Jan 15, 2008 6:30 am |
|
Sounds to me like check_html() is being called to validate the URL (in order to strip out any HTML I bet) and that function in RN will also normalize the entities. At this point, I would suggest changing the data in the DB using phpMyAdmin. Let us know if it is being changed back on coming OUT of the db.
We'll have to look into this further... |
|
|
 |
Dawg

|
Posted:
Tue Jan 15, 2008 6:46 am |
|
montego,
I will do that....and I have a couple other sites that I will run the same thing through and see what happens. These are fairly fresh installs. If you would like to take a closer look just PM me and I will open it up for you.
Dave |
|
|
|
 |
Dawg

|
Posted:
Tue Jan 15, 2008 8:55 am |
|
I checked the Db....It is correct there....
/content.asp?nav=96040&cpid=4911&isPreview=True
So it is getting mangled coming out of the database.
Any idea what I can do to fix it?
Dawg |
|
|
|
 |
Dawg

|
Posted:
Wed Jan 16, 2008 1:22 pm |
|
I have looked at the ad_click function and saw nothing that looked to be the issue....
Have any ideas where to look? Any way to fool it into letting the & through? |
|
|
|
 |
montego

|
Posted:
Wed Jan 16, 2008 6:07 pm |
|
Dawg, I do see some differences between 2.10.01 and the upcoming 2.20.00 release that is in SVN. Try this for kicks (as I do not have time right now to think this through and/or test):
=== OPEN FILE ===
/index.php
=== FIND CODE ===
Code:
require_once('mainfile.php');
global $prefix, $db, $admin_file;
|
=== RIGHT AFTER ADD THIS ===
Code:
if (isset($op) AND ($op == "ad_click") AND isset($bid)) {
    $bid = intval($bid);
    $sql = "SELECT clickurl FROM ".$prefix."_banner WHERE bid='$bid'";
    $result = $db->sql_query($sql);
    list($clickurl) = $db->sql_fetchrow($result);
    $db->sql_query("UPDATE ".$prefix."_banner SET clicks=clicks+1 WHERE bid='$bid'");
    update_points(21);
    Header("Location: ".htmlentities($clickurl));
    die();
}
|
=== DONE ===
See if that works. |
|
|
|
 |
Dawg

|
Posted:
Wed Jan 16, 2008 6:41 pm |
|
They were more or less the same. What I did was
Code:
Header("Location: ".$clickurl);
// Header("Location: ".htmlentities($clickurl));
|
kill the htmlentities. Am I opening any holes in doing this?
Dave |
|
|
|
 |
montego

|
Posted:
Thu Jan 17, 2008 6:19 am |
|
Aw, yes, good catch. Hhhhmmm.... that htmlentities is definitely not right.. I need to see about getting that corrected. I'll have to look for a vulnerability. I might want to encode the URL, but not sure yet just how header handles that. I think it should be just fine. |
|
|
|
 |
kguske

|
Posted:
Thu Jan 17, 2008 6:06 pm |
|
Removing htmlentities here shouldn't open any holes. |
|
|
|
 |
montego

|
Posted:
Fri Feb 08, 2008 7:09 am |
|
BTW, this is fixed in the upcoming 2.20.00 release. |
|
|
|
 |
|
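The point the thread arrives at, as an added example that is not part of the original posts and is not RavenNuke code: HTML entities belong in markup, not in an HTTP `Location` header, and a stored click URL can be checked before it is sent. The function names and the `advertiser.example` host are assumptions made for illustration, and the code assumes PHP 7.1 or later.

```php
<?php
// Added illustration, not RavenNuke code. Function names are hypothetical.

// Return the URL unchanged if it is safe to place in a Location header,
// or null if it should be refused.
function safe_redirect_target(string $url): ?string
{
    // CR, LF and other control bytes must never reach header().
    if (preg_match('/[\x00-\x1F\x7F]/', $url)) {
        return null;
    }
    $scheme = parse_url($url, PHP_URL_SCHEME);
    // Only absolute http(s) URLs are expected for an advertiser link.
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return null;
    }
    return $url;
}

// HTML context: entities are correct here, and only here.
function banner_anchor(string $url, string $label): string
{
    return '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">'
         . htmlspecialchars($label, ENT_QUOTES, 'UTF-8') . '</a>';
}

// Constructed sample value; the host is a placeholder.
$clickurl = 'http://advertiser.example/content.asp?nav=96040&cpid=4911&isPreview=True';

// What the original redirect sent: "&" becomes "&amp;" and the target
// site receives parameters named "amp;cpid" and "amp;isPreview".
echo "Location: " . htmlentities($clickurl) . "\n";

// Header context: send the stored value as-is once it has been validated.
$target = safe_redirect_target($clickurl);
echo "Location: " . ($target ?? '(refused)') . "\n";

// Same URL in markup: the browser decodes &amp; back to & before requesting it.
echo banner_anchor($clickurl, 'Visit sponsor') . "\n";

// Constructed bad values a stored clickurl should never be allowed to carry.
var_dump(safe_redirect_target("http://advertiser.example/\r\nSet-Cookie: x=1"));
var_dump(safe_redirect_target('javascript:alert(1)'));
```

In a real redirect handler the validated value would go to `header('Location: ' . $target)`; the `echo` lines only make the two encodings visible side by side.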