php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #56533 User details are overescaped
Submitted: 2005-09-08 12:52 UTC Modified: 2006-10-30 22:37 UTC
From: techtonik@php.net Assigned: cellog (profile)
Status: Closed Package: PECL website (PECL)
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: techtonik@php.net
New email:
PHP Version: OS:

 

 [2005-09-08 12:52 UTC] techtonik@php.net 
Description:
------------
Recent patch to http://cvs.php.net/pearweb/public_html/account-edit.php
invokes htmlspecialchars on entered text, but this script http://cvs.php.net/pearweb/public_html/account-info.php also uses htmlspecialchars to output user info. 

The patch is trivial, but it requires somebody with DB and pearweb access to find and convert all non-htmlspecialcharsed descriptions first.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2005-09-08 19:37 UTC] pierre dot php at gmail dot com 
Will do that in the next early "morning"
 [2006-10-30 22:37 UTC] cellog@php.net 
This bug has been fixed in CVS.

If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET).

If this was a problem with the pear.php.net website, the change should be live shortly.

Otherwise, the fix will appear in the package's next release.

Thank you for the report and for helping us make PEAR better.

database has been fixed as well
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Sat Apr 20 00:01:27 2024 UTC