View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0002786 | phpList 3 application | Subscribe Process | public | 23-03-05 09:30 | 20-05-05 20:34 |
Reporter | netwear | ||||
Priority | normal | Severity | major | Reproducibility | always |
Status | resolved | Resolution | fixed | ||
Product Version | 2.9.4 | ||||
Target Version | Fixed in Version | 2.9.5 | |||
Summary | 0002786: Escaped Characters in Template Output | ||||
Description | Under certain circumstances, i can reproduce it when trying to unsubscribe an nonexisting adress - the output of the header and footer has escaped characters which destroys the browser output. The page source code looks like this: <td><img src=\"/ecke_ru.gif\" width=\"9\" height=\"9\"></td> <td bgcolor=\"#FFCC00\"><img src=\"/gelb.gif\" width=\"10\" height=\"9\"></td> <td bgcolor=\"#999999\"><img src=\"/grau.gif\" width=\"3\" height=\"9\"></td> | ||||
Tags | No tags attached. | ||||
|
please make sure your magic quotes settings are correct |
|
Hello Michiel! I just found out the real problem behind the error in index.php: If a non existing adress leads to an empty $id after the db-query which is than replaced by the default id later on in the script. It is better to give a submitted $id a higher priority (even over the user preferences) so i changed around line 90 */ } else { $userid = ""; $userpassword = ""; $emailcheck = ""; } # make sure the subscribe page still exists $req = Sql_fetch_row_query(sprintf('select id from %s where id = %d',$tables["subscribepage"],$id)); $id = $req[0]; $msg = ""; to the following: */ } else { $userid = ""; $userpassword = ""; $emailcheck = ""; } if ($_REQUEST["id"]){ $id = $_REQUEST["id"]; } # make sure the subscribe page still exists $req = Sql_fetch_row_query(sprintf('select id from %s where id = %d',$tables["subscribepage"],$id)); $id = $req[0]; $msg = ""; And it works! Why the submitted $id=1 causes the quotes-problem i still havn´t found out... Maybe it has something to do with the fact that i deleted list 1... Harald |
|
thanks your code change has been added to CVS |