Could you grab this[1] file and tell me what it return when
you run it in PHP. PHP makes testing very difficult because
you can signifigantly change a programs output by changing
a few settings on PHP.ini. For reference the relevant lines
on the box I test on are:
php version: 4.3.0-dev
register_globals: off
magic_quotes_gpc: off
magic_quotes_runtime: off
safe_mode: off
I assume you have magic quotes on, and I try to
de-magic-quote everything, but it looks like something
slipped through.
[1] http://phpesp.sourceforge.net/files/status.php.txt
Thanks,
-James
On Wed, 2 Oct 2002, Robert August Vincent II wrote:
> Found a bug in the CVS version (downloaded it today, so yes, it's
> current)
>
> I tried adding a dropdown-box question with one of the possible
> answers being:
>
> 7. I don't know.
>
> It came back with a backslash in front of the quote-mark.
>
> Every edit thereafter, two backslashes were added.
>
> Fortunately, the fix is a one-line patch. Apologies if your mail
> software wraps the long lines.
>
> diff -ur phpESP/admin/include/tab/questions_options.inc phpESP-patched/admin/include/tab/questions_options.inc
> --- phpESP/admin/include/tab/questions_options.inc 2002-09-06 14:39:02.000000000 -0400
> +++ phpESP-patched/admin/include/tab/questions_options.inc 2002-10-02 01:25:52.000000000 -0400
> @@ -54,7 +54,7 @@
> <input type="hidden" name="choice_id_<?php echo($i); ?>"
> value="<?php echo($choice_id); ?>">
> <input type="text" size="60" name="choice_content_<?php echo($i); ?>"
> - value="<?php echo(htmlspecialchars($choice_content)); ?>">
> + value="<?php echo(htmlspecialchars(DESLASH($choice_content))); ?>">
> </td>
> </tr>
> <?php } ?>
>
>
|
