View Issue Details

IDProjectCategoryView StatusLast Update
0016584phplist applicationStatisticspublic13-06-13 21:27
Status resolvedResolutionfixed 
Platformx86_64OSUbuntu LinuxOS Version10.04
Product Version2.10.17 
Target Version2.11.11Fixed in Version2.11.11 
Summary0016584: Tracking replacing period in URL param name with underscore
DescriptionThe click tracking system is replacing a period (.) with an underscore (_) in my url parameter. This seems to be the same or similar problem as referenced here:

is getting turned into

I tested print_r(parse_url("")) and it properly generates the following.
Array ( [scheme] => http [host] => [path] => /path/example.html [query] => WT.mc_id=xyz )

There seems to be a bug in the URL parsing code for the click tracking, but I haven't been able to track it down yet.
Steps To ReproduceSend email with click tracking enabled that contains a link with a '.' character in the URL argument name.
TagsNo tags attached.


related to 0008980 resolveduser1822 Link Conversion for Click Tracking 
has duplicate 0015239 resolvedmichiel Links are not getting re-written correctly (mangled actually). 



03-04-12 21:55

reporter   ~0051539

Problem lies with parse_str incorrectly converting certain characters to underscores(_). Patch pending.


04-04-12 11:22

manager   ~0051540

yes, the problem is in PHP, which makes it tricky. When the URL is parsed into it's components, PHP for security, doesn't allow a "." in the variable element and makes it an underscore. So, the only way is to write our own parse_url function that doesn't do that.


04-04-12 16:37


parse_str_punctuation_issue.patch (538 bytes)
--- a/admin/lib.php
+++ b/admin/lib.php
@@ -695,7 +695,8 @@ function cleanUrl($url,$disallowed_params = array('PHPSESSID')) {
       $params[$key] = $val;
   } else {
-    parse_str($parsed['query'],$params);
+      list($key,$val) = explode('=',$parsed['query']);
+      $params[$key] = $val;
   $uri = !empty($parsed['scheme']) ? $parsed['scheme'].':'.((strtolower($parsed['scheme']) == 'mailto') ? '':'//'): '';
   $uri .= !empty($parsed['user']) ? $parsed['user'].(!empty($parsed['pass'])? ':'.$parsed['pass']:'').'@':'';


04-04-12 16:38

reporter   ~0051541

I noticed that in the multi-argument case parse_str had already been replaced by an appropriate replacement. The issues was only in the else case where there is only one parameter in the query string. Updated, tested and submitted patch.


26-10-12 19:57

reporter   ~0051793

The patch seems to break the uid parameter in unsubscribe, preferences, send-to-friend links in the footer.