< & > supported?

Discussion on a SQL Parser for EasyMOD
Locked
User avatar
markus_petrux
Registered User
Posts: 376
Joined: Fri Jun 18, 2004 10:58 pm
Location: Girona, Catalunya (Spain)
Contact:

Re: < & > supported?

Post by markus_petrux » Thu Jan 05, 2006 3:47 pm

I believe I've found the problem. Could you please try this?

OPEN: admin/admin_easymod.php

FIND:

Code: Select all

$hidden_sql = '<input type="hidden" name="SQL' . $steps . '" value="' . htmlspecialchars($formatted_sql[$i]) . '" />';
REPLACE WITH:

Code: Select all

$hidden_sql = '<input type="hidden" name="SQL' . $steps . '" value="' . $formatted_sql[$i] . '" />';
Note the line before this one already applied htmlspecialchars to the SQL line.

User avatar
-=ET=-
Registered User
Posts: 211
Joined: Mon May 26, 2003 1:35 pm
Location: France

Re: < & > supported?

Post by -=ET=- » Thu Jan 05, 2006 5:24 pm

Well done!
Everything is solved for <, > and "! :)

Even if you don't release any new version, perhaps you should publish this fix in this topic?
viewtopic.php?f=17&t=21309
Eternal newbie

User avatar
markus_petrux
Registered User
Posts: 376
Joined: Fri Jun 18, 2004 10:58 pm
Location: Girona, Catalunya (Spain)
Contact:

Re: < & > supported?

Post by markus_petrux » Thu Jan 05, 2006 5:56 pm

Looks like a good idea:
viewtopic.php?f=17&t=21309&p=130605#130605


Thanks again

Locked