Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> v2.30.01 RN All Other Issues
Author Message
Brujo
Regular
Regular



Joined: Jun 04, 2004
Posts: 84
Location: Germany

PostPosted: Thu Mar 26, 2009 2:47 am Reply with quote

I found a small issue in the weblinks module, the LINKPROFILE in vieweditorial, viewlinkdetails, viewlinkcomments & ratelink is shown wrong if there are some Umlauts in

Quote:
Linkprofile: a&r ReiseFührer


Brujo
 
View user's profile Send private message
Susann
Moderator



Joined: Dec 19, 2004
Posts: 3191
Location: Germany:Moderator German NukeSentinel Support

PostPosted: Thu Mar 26, 2009 4:59 pm Reply with quote

I would use Reisefuehrer. Searching on Google for Reisefuehrer instead of Reiseführer there are no drawbacks and its possible there is also an issue with Feeds and the word Reiseführer. I have not checked this yet.
 
View user's profile Send private message
Brujo







PostPosted: Fri Mar 27, 2009 12:50 am Reply with quote

on one hand I can understand your suggestion, but on the other hand it makes not realy sense to take care on which place I can use Umlauts and where not, and it is not only related to german Umlauts also for example
Quote:
Yucatán - das Rätsel der Puuc-Kultur, México desconocido online, Galería Nina Menocal...


my question is simple, is the code wrong ?
Code:
echo '<div class="content" align="center"><font class="option"><b>'._LINKPROFILE.': '.htmlentities($displaytitle).'</b></font><br />';


because if i change it for example in the viewlink section like this everything is correct:
Code:
echo '<div class="content" align="center"><font class="option"><b>'._LINKPROFILE.': '.$displaytitle.'</b></font><br />';


or do I have a general issue and should use as charset utf-8 insteed ISO-8859-1 and if so what I have to do to convert all this signs which are saved as entities to be conform??

and to answer your Question about feeds: if you use entities like &uuml; in the feed title or feed description at the Feed Admin Menu the Feed is NOT VALID!

Brujo
 
Susann







PostPosted: Fri Mar 27, 2009 2:44 pm Reply with quote

This code also doesn´t work well at my utf-8 testsite:


Code:
echo '<div class="content" align="center"><font class="option"><b>'._LINKPROFILE.': '.htmlentities($displaytitle).'</b></font><br />';



If you check Downloads you will notice there is this code used:

Code:
echo '<div class="content" align="center"><font class="option"><b>'._DOWNLOADPROFILE.': '.$displaytitle.'</b></font><br 


/><br />';

and it works with German umlauts but there is still an issue with view editorial.

Will add this issue to our bug tracker.

But an alternative is just to use ue or ae like for Maerz.


If you change your current site to utf-8 you will be busy for months to correct every umlaut issue in different files and sections of your site I believe.
 
Brujo







PostPosted: Sat Mar 28, 2009 4:56 am Reply with quote

Quote:

Will add this issue to our bug tracker.


thanks

Quote:

But an alternative is just to use ue or ae like for Maerz.


sure, this is always possible, but this takes also time to modify all and leads to issues... and this is what i do for short term

Quote:

If you change your current site to utf-8 you will be busy for months to correct every umlaut issue in different files and sections of your site I believe.


yes i believe you, I allready started with a test to see whats happens and yepp many issues and things have to be done before i can switch to utf-8. However i am pretty sure in midd/long term it make sence to go the hard way to UTF-8 on the end it is just a Question of preparation the "old" site to be able to migrate smooth.

thanks
Brujo
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Sun Aug 02, 2009 9:37 pm Reply with quote

Susann/Brujo,

So you're saying if the htmlentities() function is removed in the web links code it displays properly?
 
View user's profile Send private message
Susann







PostPosted: Mon Aug 03, 2009 11:29 am Reply with quote

Yes !I also removed it in the function ratelink around line 2304 index.php.
My example "Reiseführer Wien" is here: http://skin-up.de/link-2.html
It works well after I changed the code.
I don´t use UTF-8 on my site.

Btw:I found some missing defines in weblinks module too and will add this into Mantis.I have not checked the downloads module maybe there are similar issues.
 
Raven







PostPosted: Mon Aug 03, 2009 2:20 pm Reply with quote

Susan,

Please test this.

CHANGE:
echo '<div class="content" align="center"><font class="option"><b>'._LINKPROFILE.': '.htmlentities($displaytitle).'</b></font><br />';

TO:
echo '<div class="content" align="center"><font class="option"><b>'._LINKPROFILE.': '.check_html($displaytitle,'nohtml').'</b></font><br />';
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona

PostPosted: Mon Aug 03, 2009 6:06 pm Reply with quote

I am not 100% certain on this, but I recall 64bitguy long time back raised some really good points regarding the use of htmlentities() and issues with different charsets. He had suggested using htmlspecialchars() instead as it accomplishes the same goal of nullifying the effects of potential XSS issues.

I say this only for a possible approach change, but, yes, tons of work. Might be good to do (if deemed appropriate) when we get around to converted RN over to be UTF-8.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Raven







PostPosted: Mon Aug 03, 2009 9:47 pm Reply with quote

htmlspecialchars() has the same affect in this case so that's why I chose the check_html() function for her to try.
 
montego







PostPosted: Mon Aug 03, 2009 11:19 pm Reply with quote

I'm confused (but not the first time and won't be the last), but I was thinking htmlspecialchars() only makes entities out of the following:

< > " and & (can also do ' if the option is set)

I thought the issue was with german umlauts? I just want to understand what I am missing so I don't get twisted up the next time around.
 
Raven







PostPosted: Tue Aug 04, 2009 12:30 am Reply with quote

Correct. But the umlaut is entered as an entity -> &uuml; htmlspecialchars() will not allow the translation to the character representation.
 
Susann







PostPosted: Tue Aug 04, 2009 3:49 pm Reply with quote

Sorry for the late reply. Your code changes works well !
I only changed back line 2304 to the original code and therefore using this link: Only registered users can see links on this board! Get registered or login!
the word "Reiseführer" is not displayed correctly.
line 2304:
Code:
$ttitle = htmlentities($row['title']); 


Code:
$ttitle = ($row['title']); 
would correct this.
 
montego







PostPosted: Tue Aug 04, 2009 6:21 pm Reply with quote

Raven wrote:
Correct. But the umlaut is entered as an entity -> &uuml; htmlspecialchars() will not allow the translation to the character representation.


I'm slow... I get it now... because of the "&" in front. Aaarrrggghhh... I need to retire so I can flush from my brain everything else but PHP. Too bad that won't be for another 20 - 30 years at my investment return rate. Laughing
 
Raven







PostPosted: Tue Aug 04, 2009 11:39 pm Reply with quote

killing me

Join the club. It took me a little while both to understand and then devise what was most expeditious and still safe at the same time.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> v2.30.01 RN All Other Issues

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©