phpBB

Development Discussion Board

phpBB's testing ground of bleeding edge code

Advanced search

< & > supported?

13 posts • Page 2 of 2 •

1
2

Re: < & > supported?

Postby markus_petrux » Thu Jan 05, 2006 3:47 pm

I believe I've found the problem. Could you please try this?

OPEN: admin/admin_easymod.php

FIND:

Code: Select all: $hidden_sql = '<input type="hidden" name="SQL' . $steps . '" value="' . htmlspecialchars($formatted_sql[$i]) . '" />';

REPLACE WITH:

Code: Select all: $hidden_sql = '<input type="hidden" name="SQL' . $steps . '" value="' . $formatted_sql[$i] . '" />';

Note the line before this one already applied htmlspecialchars to the SQL line.

<?php /* TMTOWTDI */
dynamic_signatures_guide();
iframe_height_auto_resize();
?>

markus_petrux

Registered User

Posts: 376

Joined: Fri Jun 18, 2004 10:58 pm

Location: Girona, Catalunya (Spain)

Website

Re: < & > supported?

Postby -=ET=- » Thu Jan 05, 2006 5:24 pm

Well done!
Everything is solved for <, > and "! Smile

Smile

Even if you don't release any new version, perhaps you should publish this fix in this topic?
viewtopic.php?f=17&t=21309

Eternal newbie

-=ET=-: Registered User; Posts: 211; Joined: Mon May 26, 2003 1:35 pm; Location: France

Re: < & > supported?

Postby markus_petrux » Thu Jan 05, 2006 5:56 pm

Looks like a good idea:
viewtopic.php?f=17&t=21309&p=130605#130605

Thanks again

<?php /* TMTOWTDI */
dynamic_signatures_guide();
iframe_height_auto_resize();
?>

markus_petrux

Registered User

Posts: 376

Joined: Fri Jun 18, 2004 10:58 pm

Location: Girona, Catalunya (Spain)

Website

13 posts • Page 2 of 2 •

1
2

Return to SQL Parser

Jump to:

Who is online

Users browsing this forum: No registered users and 1 guest