SourceForge has been redesigned. Learn more.
Close

#1 Dollar-sign characters not being properly escaped

To_Fix_in_v2.0
closed-fixed
7
2008-02-19
2005-09-02
No

Bug migrated from Easymoblog: http://sourceforge.net/tracker/
index.php?func=detail&aid=1025524&group_id=88633&atid=587380

If a user enters a dollar sign as part of a post or comment then it
isn't escaped correctly. The dollar sign disappears and the display
corrupts.

Discussion

  • Mark Wallis (aka serialmonkey)

    • status: open --> closed-works-for-me
     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    Unable to reproduce in current CVS.

     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    Case reopened - sample email with issue sent to devblog

     
  • Mark Wallis (aka serialmonkey)

    • status: closed-works-for-me --> open
     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    Ahhh, this only occurs when the dollar sign is infront of a number.

     
  • Mark Wallis (aka serialmonkey)

    • milestone: 508266 --> To_Fix_in_v2.0
     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    This is actually a bug in Xtemplate. Unfortunatly upgrading to XTemplate causes
    more problems than it solves so it won't occur this point release.

    Scheduled for 2.0

     
  • xseraph

    xseraph - 2006-01-31

    Logged In: YES
    user_id=1201242

    Any idea when you'll be starting on the 2.0 release? This
    bug is really a showstopper preventing me from putting the
    software into use.

    Thx,
    Steve

     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    I expect to start work on it at the end of Feb. Problem is that this bug is not in
    CoMoblog - but a shared library that we use. The developers of the library
    suggest we upgrade to the latest version - but the interfaces changes are many
    and it's basically a complete rewrite of how the view components work.

    The workaround for the time being is putting a space between any dollar signs
    that are followed by numbers (characters are fine)

     
  • xseraph

    xseraph - 2006-03-07

    Logged In: YES
    user_id=1201242

    Is there any possibility of adding a workaround in
    mod_batch when it processes email that if is finds a $
    followed by a number that it can add a space?

    Thanks,
    Steve

     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    Afraid not - the problem is in the PEAR libraries that are used to parse the mail
    message before it even gets into mod_batch.

    I'll see if I can think of another workaround ....

    S

     
  • xseraph

    xseraph - 2006-04-04

    Logged In: YES
    user_id=1201242

    I've managed to hack in the current version of Xtemplate
    and have the search module working with it as well. Can't
    figure out how to get the calendar module to work though,
    but I can work around that. Looking forward to version 2.0

    Thanks,
    Steve

     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445

    Good work Steve. I've started as well with the latest version and am working
    through the kinks now. If you like, targz and email me what you have done and
    I'll ensure we get the best of both your and my code.

     
  • xseraph

    xseraph - 2006-04-05

    Logged In: YES
    user_id=1201242

    I'm not a PHP programmer by any means, essentially all I
    did was change
    $tpl = new XTemplate ("templates/index.tpl.htm", "main");
    to
    $tpl = new XTemplate ("index.tpl.htm", $tpldir
    = 'templates/');
    in the files I required(index.php, posts.php and modules
    that use Xtemplate). This broke a few things in the
    template that I changed to a hard link instead of
    referencing a variable, I did mention it was a hack ;)
    Wish I could be of more help with the upgrade, but can
    certainly assist with testing.

    Steve

     
  • Mark Wallis (aka serialmonkey)

    • status: open --> closed-fixed
     
  • Mark Wallis (aka serialmonkey)

    Logged In: YES
    user_id=342445
    Originator: YES

    I've upgraded XTemplate in CVS and this has resolved the problem

     

Log in to post a comment.