Bug #17226
closed
JS escape/unescape functions are differently than PHPs urlencode functions when using utf8 in mysql DB
0%
Description
i think i have a bug like: http://bugs.typo3.org/view.php?id=277
i have created a formular and when i press the button "Absenden" then a validation bring f.i. a message where the name of the field is not correct.
when the field "error is here -> Straße, Hausnummer:" is enpty but required then the message box has problems with umlaut
for instance: the one character "ß" will display as the character "Ã" and a reverse "?".
my website with the formular is:
http://www.s15225426.onlinehome-server.info/index.php?id=71&no_cache=1
i have a configuration like http://lists.typo3.org/pipermail/typo3-german/2006-August/022170.html
but as operation system suse 9.3 (virtual host) and typo3 4.1.1
(issue imported from #M5468)
Files
Updated by Martin Kutschker about 17 years ago
JS escape() and unescape() are not fit for UTF8. In the old days they used to be character set ignorant (ie all bytes were escaped as-is), but nowadays a the data is converted from or to latin1 (iso-8859-1) before being escaped.
The safe way in modern browsers is to use encodeURIcomponent/decodeURIcomponent which operates on UTF8 data.
Updated by Guido Hinz almost 17 years ago
After i had replaced "unescape" with "decodeURIcomponent" in the file jsfunc.validateform.js the problem is solved (on my suse linux 10.1 system) while using the browser mozilla firefox or seamonkey. When using the browser Konqueror then the problem is not solved. other browser like ie i will test tomorrow.
I think the Problem is solved.
Updated by Michael Stucki over 15 years ago
Important: It's not "decodeURIcomponent" but "decodeURIComponent" (upper-case "C"), otherwise it will fail at least on Firefox 3.
Attached is a patch that seems to solve the problem. However I would like Martin to give a feedback about it, as he is more familar with the topic.
How to reproduce/test:
1. Create a form that has form fields containing umlauts
2. Make the field required and don't fill it in
- michael
Updated by Michael Stucki over 15 years ago
Masi, can you please take a look at this solution?
Thanks in advance!
- michael
Updated by Steffen Kamper over 15 years ago
i can confirm that using decodeURIComponent solves the problem.
I think all "unescape" calls in core should be replaced by "decodeURIComponent" ("escape" as well)
Updated by Michael Stucki over 15 years ago
Steffen, that is not the way I want this to be solved.
As far as I know, "decodeURIComponent" is not a successor of the "unescape" function, but provides a different way of encoding data which probably seems to work in this case. However, it may also introduce new problems at many places.
That's why I asked Masi for some feedback as he seems to be more familar with it already...
Updated by Steffen Kamper over 15 years ago
Michael, look to #19502 where we solved it same way, Masi was involved too (see corelist)
Updated by Alexander Opitz almost 11 years ago
- Category deleted (
Communication) - Status changed from Accepted to Needs Feedback
- Target version deleted (
0)
The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?
Updated by Alexander Opitz over 10 years ago
- Status changed from Needs Feedback to Closed
No feedback for over 90 days.