Report new bug | New search | Development Roadmap Status: Open | Feedback | All

Bug #5340 User details are overescaped
Submitted: 2005-09-08 11:52 UTC Modified: 2006-10-30 22:37 UTC
From: techtonik Assigned: cellog
Status: Closed Package: Web Site
PHP Version: Irrelevant OS:
Roadmaps: (Not assigned)    
Subscription  


 [2005-09-08 11:52 UTC] techtonik
Description: ------------ Recent patch to http://cvs.php.net/pearweb/public_html/account-edit.php invokes htmlspecialchars on entered text, but this script http://cvs.php.net/pearweb/public_html/account-info.php also uses htmlspecialchars to output user info. The patch is trivial, but it requires somebody with DB and pearweb access to find and convert all non-htmlspecialcharsed descriptions first.

Comments

 [2005-09-08 18:37 UTC] pajoye
Will do that in the next early "morning"
 [2006-10-30 22:37 UTC] cellog (Greg Beaver)
This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. database has been fixed as well