PHP :: Bug #56533 :: User details are overescaped

Bug #56533	User details are overescaped
Submitted:	2005-09-08 12:52 UTC	Modified:	2006-10-30 22:37 UTC
From:	techtonik@php.net	Assigned:	cellog (profile)
Status:	Closed	Package:	PECL website (PECL)
PHP Version:	Irrelevant	OS:
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
If you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	techtonik@php.net
New email:
PHP Version:		OS:

New/Additional Comment:

[2005-09-08 12:52 UTC] techtonik@php.net

Description:
------------
Recent patch to http://cvs.php.net/pearweb/public_html/account-edit.php
invokes htmlspecialchars on entered text, but this script http://cvs.php.net/pearweb/public_html/account-info.php also uses htmlspecialchars to output user info. 

The patch is trivial, but it requires somebody with DB and pearweb access to find and convert all non-htmlspecialcharsed descriptions first.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2005-09-08 19:37 UTC] pierre dot php at gmail dot com

Will do that in the next early "morning"

[2006-10-30 22:37 UTC] cellog@php.net

This bug has been fixed in CVS.

If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET).

If this was a problem with the pear.php.net website, the change should be live shortly.

Otherwise, the fix will appear in the package's next release.

Thank you for the report and for helping us make PEAR better.

database has been fixed as well

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC