phplist

NOTE:: Before reporting an issue, make sure you are running the latest version, currently 3.3.1


View Issue Details Jump to Notes ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008919phplist applicationRSSpublic12-01-07 22:0121-01-08 18:50
Reporterskoenig 
PrioritynormalSeverityminorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version2.11.2 
Target Version4.0.xFixed in Version2.10.5 
Summary0008919: $ symbols within feeds are interpreted as variables at send time
DescriptionNote: It's been happening since my first build 2.10.2 but wasn't an important thing until now.

Set up an RSS list.
Point the feed to something that has dollars in frequently like engadget
http://feeds.engadget.com/weblogsinc/engadget [^]

Set up an HTML newsletter (haven't checked Text yet).

What should be $9.99 comes out as .99

Looking at the feeds the RSS HTML data is properly encapsulated in [content] CDATAs but I think this error also happens when it's raw TEXT as in a [description] field.

Might be a quick fix but i can't navigate the feed parser so easily.

I checked all the incoming feeds against feedvalidator and they all pass.
TagsNo tags attached.
Attached Files

- Relationships
related to 0002705closed PHPList v2.11 release 
related to 0003721closed phplist 2.10.x 

-  Notes
(0022691)
skoenig (reporter)
18-01-07 19:06

Fixed.

In rsslib.php in function parseRSSTemplate escape $ symbols already in the content before processing starts during the for each loop.

Thus the functions looks like below:

function parseRSSTemplate($template,$data) {
  foreach ($data as $key => $val) {
    if (!preg_match("#^\d+$#",$key)) {

      // SK MOD: escape $ symbols in $vals for content $keys
      $val = str_replace('$','\$',$val);

# print "$key => $val
";
      $template = preg_replace('#\['.preg_quote($key).'\]#i',$val,$template);
     }
   }
  $template = eregi_replace("\[[A-Z\. ]+\]","",$template);

  return $template;
}

Improvements and optimizations very very welcome.
(0030978)
user1822
23-08-07 18:40

Suggested fix has been tested and it works indeed


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker