On Thu, Feb 17, 2011 at 7:26 PM, Alessandro Briosi <ts...@br...>wrote:
> Il 16/02/2011 16:31, Barry Kwok ha scritto:
> > I am referring to this thread
> >
> https://sourceforge.net/mailarchive/forum.php?thread_name=4B900175.8040102%40briosix.org&forum_name=openupload-devel
> > <
> https://sourceforge.net/mailarchive/forum.php?thread_name=4B900175.8040102%40briosix.org&forum_name=openupload-devel
> >
> > about utf-8 language (e.g double byte chinese).
> >
> > After adding html_entity_decode($subject), the subject can display
> > correctly but the description is still html_encoded. I check into the
> > mysql database and found that the description in the database is also
> > html_encoded.
> >
> > where in the mysql code can fix it.
> >
>
> THe problem here is that I escape every input so there is no possibility
> of javascript or xss injection in the code.
>
> Probably the function which sends the e-mail should distinguish between
> this.
> Right now I have no time to check where the problem lies (also as I
> don't know any chinese similar language to write and check)
>
> Probably with new version using the swift mailer can fix this, or simply
> backporting the mail function and library from SVN solves it.
>
> Alessandro
>
I will wait for your new version. thanks
barry
|
