[Mrbs-commits] SF.net SVN: mrbs:[1482] mrbs/trunk/web

[cimorrison]

Revision: 1482
          http://mrbs.svn.sourceforge.net/mrbs/?rev=1482&view=rev
Author:   cimorrison
Date:     2010-09-30 13:04:21 +0000 (Thu, 30 Sep 2010)

Log Message:
-----------
Fixed bug whereby special characters in custom fields were being truncated in 
the middle of an HTML entity.

Modified Paths:
--------------
    mrbs/trunk/web/admin.php
    mrbs/trunk/web/edit_users.php

Modified: mrbs/trunk/web/admin.php
===================================================================
--- mrbs/trunk/web/admin.php    2010-09-30 12:11:55 UTC (rev 1481)
+++ mrbs/trunk/web/admin.php    2010-09-30 13:04:21 UTC (rev 1482)
@@ -292,11 +292,13 @@
               else
               {
                 // strings
-                $text = htmlspecialchars($r[$field['name']]);
-                echo "<td title=\"$text\"><div>";
-                echo substr($text, 0, $max_content_length);
-                echo (strlen($text) > $max_content_length) ? " ..." : "";
-                echo "</div></td>\n";
+                $value = $r[$field['name']];
+                $html = "<td title=\"" . htmlspecialchars($value) . "\"><div>";
+                // Truncate before conversion, otherwise you could chop off in 
the middle of an entity
+                $html .= htmlspecialchars(substr($value, 0, 
$max_content_length));
+                $html .= (strlen($value) > $max_content_length) ? " ..." : "";
+                $html .= "</div></td>\n";
+                echo $html;
               }
               break;
           }

Modified: mrbs/trunk/web/edit_users.php
===================================================================
--- mrbs/trunk/web/edit_users.php       2010-09-30 12:11:55 UTC (rev 1481)
+++ mrbs/trunk/web/edit_users.php       2010-09-30 13:04:21 UTC (rev 1482)
@@ -224,11 +224,11 @@
             }
             else
             {
-              // strings
-              $text = htmlspecialchars($col_value);
-              $html .= "<td title=\"$text\"><div>";
-              $html .= substr($text, 0, $max_content_length);
-              $html .= (strlen($text) > $max_content_length) ? " ..." : "";
+               // strings
+              $html .= "<td title=\"" . htmlspecialchars($col_value) . 
"\"><div>";
+              // Truncate before conversion, otherwise you could chop off in 
the middle of an entity
+              $html .= htmlspecialchars(substr($col_value, 0, 
$max_content_length));
+              $html .= (strlen($col_value) > $max_content_length) ? " ..." : 
"";
               $html .= "</div></td>\n";
             }
             break;


This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.

------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Mrbs-commits mailing list
Mrbs-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mrbs-commits