View Issue Details

IDProjectCategoryView StatusLast Update
0016895phplist applicationInterface - Administratorpublic19-07-14 15:39
Reporteralpha1 
PrioritylowSeveritytrivialReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version3.0.5 
Target Version3.0.XFixed in Version3.0.7 
Summary0016895: List names ($row['name']) have not been stripped of slashes
DescriptionSame Issue as:https://mantis.phplist.com/view.php?id=16724

Fix:
catlists.php
Line: 65 $ls->addColumn($row['id'],$GLOBALS['I18N']->get('Name'),stripslashes($row['name']));
Steps To ReproduceView the ?page=catlists page with any list such as "Mike's Testing List" and you'll see the ' has a slash.
TagsNo tags attached.

Activities

alpha1

02-10-13 19:54

reporter   ~0052304

Same Issue:
?page=message&id=ANY

File: message.php

Corrected Lines:
Line: 130
$content .= sprintf ('<tr><td>%d</td><td>%s</td></tr>',$lst['id'],stripslashes($lst['name']));

and line 137:
    $content .= sprintf ('<tr><td>%d</td><td>%s</td></tr>',$lst['id'],stripslashes($lst['name']));