Bug #14819
closed
htmlspecialchars called multiple times
Added by Johannes Bornhold about 19 years ago.
Updated about 16 years ago.
Description
In the class.tx_indexedsearch.php there are multiple situations where the output is processed by htmlspecialchars multiple times which results in output like "
My solution was to remove one of the duplicates.
(issue imported from #M1199)
Files
Added some excerpts from the file pi/class.tx_indexedsearch.php. Hope this helps.
Working Version attached, just changed prepareResultRowTemplateData line 1472 to $title = $this->linkPage($row['data_page_id'],($this->makeTitle($row)),$row,$markUpSwParams);
Uploaded wrong file, sorry, last one is the right one
Ugly result: If a page title contains an ampersand (not too rarely), the twice parsing makes the entity visible &. Other specialchars should not used as often.
still not fixed in last version.
Funny enough I just sent a patch for this to the core list 5 minutes ago! :-)
It fixes it on version 3.8.1. Thanks.
Whats with this part:
class.tx_indexedsearch.php,v 1.15.2.1
1929: $pathStr = htmlspecialchars($this->getPathFromPageId($pathId,$pathMP));
1930: $tmplArray['path'] = $this->linkPage($pathId,htmlspecialchars($pathStr),array(
Thanks, René - I've changed this as well.
Also available in: Atom
PDF