php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #56533 User details are overescaped
Submitted: 2005-09-08 12:52 UTC Modified: 2006-10-30 22:37 UTC
From: techtonik@php.net Assigned: cellog (profile)
Status: Closed Package: PECL website (PECL)
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: techtonik@php.net
New email:
PHP Version: OS:

 

 [2005-09-08 12:52 UTC] techtonik@php.net
Description:
------------
Recent patch to http://cvs.php.net/pearweb/public_html/account-edit.php
invokes htmlspecialchars on entered text, but this script http://cvs.php.net/pearweb/public_html/account-info.php also uses htmlspecialchars to output user info. 

The patch is trivial, but it requires somebody with DB and pearweb access to find and convert all non-htmlspecialcharsed descriptions first.



Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-08 19:37 UTC] pierre dot php at gmail dot com
Will do that in the next early "morning"
 [2006-10-30 22:37 UTC] cellog@php.net
This bug has been fixed in CVS.

If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET).

If this was a problem with the pear.php.net website, the change should be live shortly.

Otherwise, the fix will appear in the package's next release.

Thank you for the report and for helping us make PEAR better.

database has been fixed as well
 
PHP Copyright © 2001-2021 The PHP Group
All rights reserved.
Last updated: Sun Jan 17 04:01:23 2021 UTC