Ravens PHP Scripts: Forums
 

 
  Forum Index  •  Forum FAQ  •  Search  •  Memberlist  •  Usergroups  •  Profile  •  Log in to check your private messages  •  Log in

Slashes in Feedback Email
 View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> RN Bug Reports - Other Issues
Author Message
Gremmie
Former Moderator in Good Standing



Joined: Apr 06, 2006
Posts: 2415
Location: Iowa, USA
PostPosted: Sat Mar 31, 2007 10:45 am Reply with quote
My host has magic quotes turned on. I was getting feedback emails with slashes in them.

I changed this line
Code:



$message = htmlentities($message);


to this:

Code:



$message = htmlentities(stripslashes($message), ENT_NOQUOTES);


I also decided to add ENT_NOQUOTES to keep the quotes from being converted to entities to make it more readable. Season to taste. Wink

_________________
Only registered users can see links on this board! Get registered or login! - An Event Calendar for PHP-Nuke
Only registered users can see links on this board! Get registered or login! - A Google Maps Nuke Module

Last edited by Gremmie on Sun Apr 01, 2007 11:08 am; edited 1 time in total 
View user's profile Send private message
Guardian2003
Site Admin



Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam
PostPosted: Sun Apr 01, 2007 7:40 am Reply with quote
Nice one!
Could we not employ some test to see if magic quotes is on so that line is altered automagically?
 
View user's profile Send private message Send e-mail
Gremmie
PostPosted: Sun Apr 01, 2007 10:09 am Reply with quote
Sure, but the rest of the code was unconditionally stripslashing the other form fields, so I just did the same.

In GCalender I used a slightly modified version of that InputFilter class that was on the web a while back (seems to be gone now). In "the next CMS" it would be nice to have a global object of that class around (like the db object) that modules can grab to do filtering, etc.
 
montego
Site Admin



Joined: Aug 29, 2004
Posts: 9457
Location: Arizona
PostPosted: Sun Apr 01, 2007 10:26 am Reply with quote
Agreed in that the code is indiscriminate. Although that replacement Feedback module is newer than the original PHP-Nuke one (and MUCH more secure), it could be improved upon.

Since you have phrased this thread as "Feedback", should we move this to the Enhancements RN forum? Otherwise, I'd suggest making the title specific to the issue of seeing slashes in the feedback.

_________________
Only registered users can see links on this board! Get registered or login!
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Gremmie
PostPosted: Sun Apr 01, 2007 11:09 am Reply with quote
Good idea, I changed the subject of this thread accordingly.
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> RN Bug Reports - Other Issues


 Jump to:   




View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©