SourceForge has been redesigned. Learn more.
Close

#271 UTF-8 string display problem

v2.3.5
closed-fixed
nobody
5
2012-03-13
2012-03-11
Laddobar
No

In two places (as I discovered so far) PA has trouble displaying UTF-8 characters - in both cases these are "description" fields. From the superadmin point of view:
- description of the domain when listing all the domains in /postfixadmin/list-domain.php
- name of the mailbox owner when listing aliases and mailboxes of a domain in /postfixadmin/list-virtual.php?domain=example.com

I found the problem in the usage of HTMLEntities function, which is missing the encoding parameter.
Change in templates admin_list-domain.php and list_virtual.php seems sufficient:
original: print "<td>" . htmlentities($domain_properties[$i]['description']) . "</td>";
resolved: print "<td>" . htmlentities($domain_properties[$i]['description'],ENT_QUOTES,'UTF-8') . "</td>";

Thanks for your good work!
Laddobar

Discussion

  • Christian Boltz

    Christian Boltz - 2012-03-13

    That's a known regression in 2.3.5 :-( - but it's still better than the XSS issues those files had before.

    I already fixed it in SVN, but just that fix isn't worth a new release IMHO. If you need the fixed files, you can download them directly from SVN at
    http://postfixadmin.svn.sourceforge.net/viewvc/postfixadmin/branches/postfixadmin-2.3/templates/
    or apply the patch that I'll attach to this bugreport.

    And BTW, you found both places that are affected by this bug ;-)

     
  • Christian Boltz

    Christian Boltz - 2012-03-13
    • status: open --> closed-fixed
     

Log in to post a comment.