View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003767 | mantisbt | custom fields | public | 2004-04-23 04:29 | 2010-12-17 04:40 |
Reporter | sowiso | Assigned To | grangeway | ||
Priority | normal | Severity | trivial | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 0.18.2 | ||||
Target Version | 1.2.4 | Fixed in Version | 1.2.4 | ||
Summary | 0003767: Enumeration Custum fields with html-special chars get unselected on bug-update | ||||
Description | if fore a project exists enumeration custom fields with possible values for example (foo|foo & bar|bar and) and 'foo & bar' was selected on bug reproting and you are going to update bug then 'foo & bar' is not selected any more. to fix the problem change the line: sorry i have no development system so i cannot provide a patch file. | ||||
Tags | patch | ||||
Attached Files | bugfix_custom_fields.patch (1,179 bytes)
From 59863b7f7eaec333b5c273b64cf19cc9b0d8153f Mon Sep 17 00:00:00 2001 From: Dominik Blunk <dominik@blunk.ch> Date: Wed, 22 Sep 2010 14:15:03 +0200 Subject: [PATCH] Fixed: Custom fields (lists) havent been correctly selected (bug_update) when content was containing html special chars --- core/cfdefs/cfdef_standard.php | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/core/cfdefs/cfdef_standard.php b/core/cfdefs/cfdef_standard.php index 5754592..34a2c62 100644 --- a/core/cfdefs/cfdef_standard.php +++ b/core/cfdefs/cfdef_standard.php @@ -247,7 +247,7 @@ function cfdef_input_list($p_field_def, $t_custom_field_value) { $t_selected_values = explode( '|', $t_custom_field_value ); foreach( $t_values as $t_option ) { - if( in_array( $t_option, $t_selected_values, true ) ) { + if ( in_array( string_attribute ( $t_option ), $t_selected_values, true ) ) { echo '<option value="' . string_attribute( $t_option ) . '" selected="selected"> ' . string_display_line( $t_option ) . '</option>'; } else { echo '<option value="' . string_attribute( $t_option ) . '">' . string_display_line( $t_option ) . '</option>'; -- 1.7.0.2.msysgit.0 | ||||
has duplicate | 0008512 | closed | dhx | Ampersand in Custom Fields Error |
has duplicate | 0009600 | closed | dhx | Custom Field with character '&' does not work properly |
has duplicate | 0010901 | closed | dhx | We can't use & in custom field value and it's impossible search the first and last value from custom list |
has duplicate | 0011531 | closed | atrol | custom field value is lost on update |
related to | 0008323 | closed | dregad | Spaces in custom fields |
alternate you can move the line $t_custom_field_value = string_attribute( $t_custom_field_value ); behind the line case CUSTOM_FIELD_TYPE_STRING: this might be more perfomant, cause string_attribute has only to be called once edited on: 04-23-04 04:41 |
|
Same as bug 8512 and 9600. Still not fixed in 1.1.2. |
|
Attached a bugfix for master-1.2.x |
|
Thanks for the patch Dominik. This issue was actually a much larger problem that Paul (grangeway) fixed recently in the 1.3.x branch. I have backported the fix to 1.2.x and have confirmed that this issue is now resolved. Apologies for the delay! |
|
MantisBT: master 89c9f85a 2010-09-21 17:58 Details Diff |
Following XSS changes, don't double encode |
Affected Issues 0003767 |
|
mod - core/custom_field_api.php | Diff File | ||
MantisBT: master-1.2.x 76c9a79e 2010-09-21 17:58 Committer: dhx Details Diff |
Following XSS changes, don't double encode |
Affected Issues 0003767 |
|
mod - core/custom_field_api.php | Diff File |