View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0010901 | mantisbt | custom fields | public | 2009-09-03 16:34 | 2010-09-19 03:11 |
Reporter | bighux | Assigned To | dhx | ||
Priority | normal | Severity | major | Reproducibility | always |
Status | closed | Resolution | duplicate | ||
Platform | Apache 2.2.12 + PHP 5.3.0 | OS | Windows | OS Version | XP |
Product Version | 1.2.0rc1 | ||||
Target Version | 1.3.0-beta.1 | ||||
Summary | 0010901: We can't use & in custom field value and it's impossible search the first and last value from custom list | ||||
Description | We can't use & in custom field value with type checkbox or multiselection list, otherwise the value is never selected in edit issue page. I don't have tried with others types. | ||||
Steps To Reproduce | 1- Create custom field checkbox with 4 values (eg : value1|value2|value &3|value4) with "Add to Filter" and "Display When Reporting Issues" checked | ||||
Tags | patch | ||||
Attached Files | bug_10901.diff (2,280 bytes)
Nur in www/: config_inc.php. diff -ru mantis.build/core/cfdefs/cfdef_standard.php www/core/cfdefs/cfdef_standard.php --- mantis.build/core/cfdefs/cfdef_standard.php 2009-12-27 10:06:06.000000000 +0100 +++ www/core/cfdefs/cfdef_standard.php 2009-12-28 00:41:03.000000000 +0100 @@ -247,7 +247,7 @@ $t_selected_values = explode( '|', $t_custom_field_value ); foreach( $t_values as $t_option ) { - if( in_array( $t_option, $t_selected_values, true ) ) { + if( in_array( htmlentities($t_option), $t_selected_values, true ) ) { echo '<option value="' . $t_option . '" selected="selected"> ' . $t_option . '</option>'; } else { echo '<option value="' . $t_option . '">' . $t_option . '</option>'; @@ -261,7 +261,7 @@ $t_checked_values = explode( '|', $t_custom_field_value ); foreach( $t_values as $t_option ) { echo '<input ', helper_get_tab_index(), ' type="checkbox" name="custom_field_' . $p_field_def['id'] . '[]"'; - if( in_array( $t_option, $t_checked_values, true ) ) { + if( in_array( htmlentities($t_option), $t_checked_values, true ) ) { echo ' value="' . $t_option . '" checked="checked"> ' . $t_option . ' '; } else { echo ' value="' . $t_option . '"> ' . $t_option . ' '; diff -ru mantis.build/core/filter_api.php www/core/filter_api.php --- mantis.build/core/filter_api.php 2009-12-27 10:06:06.000000000 +0100 +++ www/core/filter_api.php 2009-12-28 00:44:18.000000000 +0100 @@ -1899,8 +1899,14 @@ switch( $t_def['type'] ) { case CUSTOM_FIELD_TYPE_MULTILIST: case CUSTOM_FIELD_TYPE_CHECKBOX: + $t_where_params[] = $t_filter_member . '|%'; + array_push( $t_filter_array, db_helper_like( "$t_table_name.value" ) ); + $t_where_params[] = '%|' . $t_filter_member; + array_push( $t_filter_array, db_helper_like( "$t_table_name.value" ) ); $t_where_params[] = '%|' . $t_filter_member . '|%'; array_push( $t_filter_array, db_helper_like( "$t_table_name.value" ) ); + $t_where_params[] = $t_filter_member; + array_push( $t_filter_array, db_helper_like( "$t_table_name.value" ) ); break; default: array_push( $t_filter_array, "$t_table_name.value = '" . db_prepare_string( $t_filter_member ) . "'" ); | ||||
duplicate of | 0011561 | closed | dhx | Filtering for custom field types multilist and checkbox does not work |
duplicate of | 0003767 | closed | grangeway | Enumeration Custum fields with html-special chars get unselected on bug-update |
has duplicate | 0011011 | closed | dhx | Can't add UTF8 custom fields to the Manage columns enumeration |
has duplicate | 0011634 | closed | dhx | using special characters on Custom Field name generates issue when trying to order by this CF |
has duplicate | 0011631 | closed | dhx | Custom Fields with special characters in the name cause SQL errors on sort. |
I have found the problem filter value (but not the bug with &)in /core/filter_api.php line 1878 $t_where_params[] = $t_filter_member . '|%'; |
|
I have the same problem with Mantis 1.1.8. Maybe it is a problem with usage of html entities? '&' seems to be stored as '&' and compared with '&' (or vice versa) |
|
biitli: remove your sponsoring by sponsoring an amount of $0 |
|
Hey, i had a deeper look in this bug. There are two different issues: bighux writes down a solution for part a. This solutions works fine in my tests. Thanks for this bighux. My patch is added. Have a nice day, |
|
The filtering bug has been fixed in 0011561 Thanks Andy for your patch! I actually did the same thing as your patch without seeing this bug first. However, the approach of using multiple LIKE queries is poor and unintended, so the 2nd patch in 0011561 fixes it more properly. I'll keep this bug open to keep track of the other issue at hand here (using ampersands and other special characters in a custom field name/values). |
|
Please see duplicate issue 0003767 for further updates and discussion. This bug is OLD :( |
|