[Tickets #3824] NEW: Filenames containing a ' produce javascript errors
bugs@bugs.horde.org
bugs at bugs.horde.org
Mon Apr 24 10:37:29 PDT 2006
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=3824
-----------------------------------------------------------------------
Ticket | 3824
Created By | gus at pbx.org
Summary | Filenames containing a ' produce javascript errors
Queue | Gollem
Version | HEAD
State | Unconfirmed
Priority | 1. Low
Type | Bug
Owners |
-----------------------------------------------------------------------
gus at pbx.org (2006-04-24 10:37) wrote:
When browsing a directory containing a file with a ' in it, in IE it gives
javascript errors.
I believe the bug stems from:
gollem/manager.php line 400:
$item['link'] = Horde::link('#', '', '', '', "view('$url', '" . $val['name']
. "'); return false;") . $name . '</a>';
where it is passing $val['name'] .. I have tried wrapping this in
addslashes() and htmlspecialchars(,ENT_QUOTES) however neither one of them
fixes the errors, however there are no longer any 's in the string..
The _EXACT_ error in IE is:
Error: Expected ')'
the line it presents is never near one of the lines that has a filename with
a single quote (possibly javascript document.write somewhere)
investigating further...
More information about the bugs
mailing list