[Vtigercrm-commits] [vtiger development] #5340: Account names can't contain apostrophes
vtiger development
vtiger-tickets at trac.vtiger.com
Tue Nov 25 16:51:16 EST 2008
#5340: Account names can't contain apostrophes
--------------------------+-------------------------------------------------
Reporter: Mike.Sasena | Owner: developer
Type: patch | Status: closed
Priority: unassigned | Milestone: 5.1.0
Component: vtigercrm | Version: 5.0.4
Resolution: fixed | Keywords: apostrophe innerHTML
--------------------------+-------------------------------------------------
Changes (by densi):
* keywords: => apostrophe innerHTML
* status: new => closed
* resolution: => fixed
* type: defect => patch
Comment:
I found the solution
2 different problems:
1- all browsers (Firefox, IE7, opera 9, safari, chrome; all latest
version) innerHTML corrupt the onclick="" javascript code in the
javascript callSearch() in popup.tpl.
A bug should be summitted to all.
2- include/utils/ListViewUtils.php decode_html function is checking the
$_REQUEST variable.
the code should look this:
if($_REQUEST['action'] == 'Popup' || $_REQUEST['action'] ==
'AccountsAjax')
instead of:
if($_REQUEST['action'] == 'Popup')
This way, the apostrophe get formated like this: \' instead of like
this: \'
N.B. Maybe strrpos($_REQUEST['action'], 'Ajax') == 4 to filter ALL the
module AJAX querks. I am sure at 60% that this code is better than the one
above.
BTW, really stupid to check $_REQUEST in decode_html().
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5340#comment:1>
vtiger development <http://trac.vtiger.com/>
vtigerCRM
More information about the vtigercrm-commits
mailing list