0004450: Real name was changed to "Â¹ÃœÃ€ÃÃ”Â±" - MantisBT

ID	Project	Category	View Status	Date Submitted	Last Update

0004450	mantisbt	localization	public	2004-08-31 21:35	2004-12-11 03:01

Reporter	bobdeng	Assigned To	jlatour
Priority	normal	Severity	minor	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	0.19.0rc1
Fixed in Version	0.19.2

Summary	0004450: Real name was changed to "Â¹ÃœÃ€ÃÃ”Â±"
Description	When I create a new user, he login mantis and go to "My Account" to change his personal information, his real name is Chinese word, when he saved,the real name was changed to "¹ÜÀíÔ±". When I login as administrator,in "Management" function to change the user's information, when I input Chinese word, it works right.
Tags	No tags attached.
Attached Files	mantisbt.4450.realname.txt (667 bytes) Index: account_update.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/account_update.php,v retrieving revision 1.38 diff -u -r1.38 account_update.php --- account_update.php 22 Aug 2004 01:19:29 -0000 1.38 +++ account_update.php 29 Oct 2004 12:10:57 -0000 @@ -28,7 +28,7 @@ ?> <?php $f_email = htmlentities( gpc_get_string( 'email', '' ) ); - $f_realname = htmlentities( gpc_get_string( 'realname', '' ) ); + $f_realname = htmlspecialchars( gpc_get_string( 'realname', '' ) ); $f_password = gpc_get_string( 'password', '' ); $f_password_confirm = gpc_get_string( 'password_confirm', '' ); mantisbt.4450.realname.txt (667 bytes)

jlatour 2004-08-31 23:54 reporter ~0007346	Are both accounts using the Chinese interface? If so, simplified or traditional?

bobdeng 2004-08-31 23:58 reporter ~0007347	Yes，when I changed the code in "account_update.php", 31 line: $f_realname = htmlentities(gpc_get_string( 'realname', '' ) ); to $f_realname = gpc_get_string( 'realname', '' ) ; It works ok.

bobdeng 2004-08-31 23:58 reporter ~0007349	simplified

jlatour 2004-09-01 00:01 reporter ~0007350	OK, thanks.

grangeway 2004-09-05 08:47 reporter ~0007440	Or more, htmlentities should be string_display / string_attribute..?

romat 2004-09-09 02:47 reporter ~0007505	I have the same behaviour with ISO 8859-2 accented characters. The problem is with htmlentities() function in account_update.php. The rest of Mantis uses htmlspacialchars() which is safe when using accented characters.

DGtlRift 2004-10-28 08:45 reporter ~0008196	Did anyone fix this in CVS yet? Seems very simple, should I bother to post a patch?

DGtlRift 2004-10-29 06:46 reporter ~0008201	Verified issue. Changed htmlentities() to htmlspacialchars() as suggested by romat. Tested, and works with mod. Patch added and awaiting review and CVS commit.

jlatour 2004-11-25 18:04 reporter ~0008432	It took a while... but it should be fixed now :-) Sorry for the delay.

has duplicate	0004586	closed	~~Wanderer~~	problem with realname field
has duplicate	0004913	closed	jlatour	account_page.php and charset=iso-8859-2
related to	0004366	closed	dregad	Mail does not encode foreign characters
related to	0004346	closed	achumakov	Problem with HTML-entities in names
child of	0004818	closed	vboctor	Mantis 0.19.2 release