Ticket #829 (fixed bug)
Category not escaped on profile/administration page
- Created: 2013-02-06 11:04:13
- Reported by: Wieke
- Assigned to: Franz
- Milestone: 1.5.3
- Component: security
- Priority: normal
Hi
Found a bug similar to ticket 781. But this one involves category names on a user's profile/administration page.
Create a category containing an ampersand.
Navigate, as admin, to a user's profile.
Click on administration.
I've tried replacing the ampersand with &. This works, but only for the user/administration page; on the forum index it will literally show as &.
After some messing about with the profile.php code I found the following solution.
Replace (line 1786 in my code)
echo "\t\t\t\t\t\t\t".'<div class="conl">'."\n\t\t\t\t\t\t\t\t".'<p><strong>'.$cur_forum['cat_name'].'</strong></p>'."\n\t\t\t\t\t\t\t\t".'<div class="rbox">';
with
echo "\t\t\t\t\t\t\t".'<div class="conl">'."\n\t\t\t\t\t\t\t\t".'<p><strong>'.pun_htmlspecialchars($cur_forum['cat_name']).'</strong></p>'."\n\t\t\t\t\t\t\t\t".'<div class="rbox">';
Have a nice day,
Wieke
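To show what the one-line fix changes, and why pre-escaping the stored name is not a substitute for it, here is an added example; it is not code from the ticket or from the project. escape_html() is a stand-in for the project's pun_htmlspecialchars() (assumed here to wrap htmlspecialchars() with ENT_QUOTES), and the category names are constructed sample values.

```php
<?php
// Stand-in for pun_htmlspecialchars(); assumption for this example.
function escape_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

// Rendering as on the profile/administration page before the fix:
// the stored category name is concatenated into the markup verbatim.
function render_category_unsafe(string $cat_name): string
{
    return '<p><strong>' . $cat_name . '</strong></p>';
}

// Rendering after the fix: same markup, name escaped at output time.
function render_category_safe(string $cat_name): string
{
    return '<p><strong>' . escape_html($cat_name) . '</strong></p>';
}

// Constructed sample names. $raw is what the database should hold;
// $pre_escaped is the workaround of typing the entity into the name itself.
$raw         = 'Tips & Tricks';
$pre_escaped = 'Tips &amp; Tricks';
$markup      = 'Tips <b>& Tricks</b>';

// The unsafe renderer passes any markup in the name straight through.
if (render_category_unsafe($markup) !== '<p><strong>' . $markup . '</strong></p>') {
    throw new RuntimeException('unexpected unsafe output');
}

// The fixed renderer neutralises it: no raw '<b>' survives in the output.
if (strpos(render_category_safe($markup), '<b>') !== false) {
    throw new RuntimeException('escaping failed');
}

// Storing a pre-escaped name and then escaping correctly (as the forum
// index already does) double-encodes the entity, so the page shows "&amp;"
// literally. Escape once, at output, and keep the raw value in the database.
if (render_category_safe($pre_escaped) !== '<p><strong>Tips &amp;amp; Tricks</strong></p>') {
    throw new RuntimeException('double-escaping example did not behave as expected');
}
if (render_category_safe($raw) !== '<p><strong>Tips &amp; Tricks</strong></p>') {
    throw new RuntimeException('single escaping did not behave as expected');
}

echo "all checks passed\n";
```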
History
Franz 2013-02-06 22:48:43

- Component changed from parser to security.
- Milestone set to 1.5.3.
- Owner set to Franz.
Franz 2013-02-08 09:07:50

- Summary changed from Caregory not escaped on profile/administration page. to Category not escaped on profile/administration page.