Kai Vogel
Bug #25298
closed
No "=" sign is allowed in value part of flashvars of MEDIA element
100%
Description
Problem:
-------------------------
In File "class.tslib_content_media.php" in line 158 the flashvars will be exploded at the "=" sign into key and value. But all "=" signs in the value part are exploded too. Such a value is possible for e.g. an URL to get a dynamic XML for the flash application: index.php?id=2&type=96
Solution:
-------------------------
The trimExplode must be called with an fourth parameter to limit the parts to two.
Change:
$valueParts = t3lib_div::trimExplode('=', $parts1, TRUE);
To:
$valueParts = t3lib_div::trimExplode('=', $parts1, TRUE, 2);
(issue imported from #M17913)
Updated by Mathias Schreiber over 9 years ago
- Description updated (diff)
- Category deleted (
Communication) - Target version changed from 0 to 7.2 (Frontend)
- Is Regression set to No
Updated by Benni Mack almost 9 years ago
- Target version changed from 7.2 (Frontend) to 7.4 (Backend)
Updated by Gerrit Code Review almost 9 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/41699
Updated by Susanne Moog almost 9 years ago
- Target version changed from 7.4 (Backend) to 7.5
Updated by Gerrit Code Review over 8 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/41699
Updated by Gerrit Code Review over 8 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/41699
Updated by Georg Ringer over 8 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 4c6e46d0d609a089f373308d2b3b74b75b66cbd5.
Updated by Riccardo De Contardi over 6 years ago
- Status changed from Resolved to Closed