[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Phpgroupware-developers] Bug in 0.9.14
|
From: |
/Angles/ Puglisi |
|
Subject: |
Re: [Phpgroupware-developers] Bug in 0.9.14 |
|
Date: |
Tue, 05 Feb 2002 20:07:30 +0000 |
The prefs DB is slightly different from other DB tables in that is uses a
serialized
array as it native format. The php "serialize" function is made for this
purpose,
and prefs DB is a really cool implementation of this. As a by-product, it is
particularly sensitive to 4 or 5 chars that deal with quotes and escaping. Much
progress has been made on this issue at the DB level and I understand how
difficult
it is because every DB requires slightly different handling of these chars.
There
are the "database offensive" chars: " ' \ /
and maybe others. Over the months it seems only the forward slash still trashes
the
prefs, and that's probably what you experience here.
I'm not familiar with the invoices DB, but if it has a similar issue, check out
these 2 functions in /email/inc/class.msg_mail.inc.php (i'm going by memory)
htmlquotes_encode (which I later made an alias to with "DB_defange_encode")
htmlquotes_decode (same for "DB_defang_decode")
Simply, it replaces those chars with html entities like """, which is an ugly
hack but it works. The php function by a similar name requires an additional
flag to
get the single quote char, and also it is buggy in php3, so I just use
ereg_replace
in those functions instead. Any function the converts these "database offensive"
chars to something else, then reverses the process, as the last thing in the DB
and
the first thing out of the DB, can do the same thing. For examlple, I think
urlencode would work too.
Chris Weiss (address@hidden) wrote*:
>
>The prefs being lost was also a bug I encountered in email preferenses to.
>Angles
>simply made the his prefs db safe before setting them.
>
>Michael Meskes (address@hidden) wrote*:
>>
>>I just found an ugly bug in 0.9.14. We have huge problems getting invoices
>>printed correctly due to font and currency problems (gotta hate that euro
>>symbol). To test whether we have a misconfiguration we tried several
>>different ways to enter the symbol. In particular we tried "\" because
>>we weren't sure if the ampersand needed to be escaped. The result of this
>>entry is that all my preferences were lost. Nothing there anymore. I guess
>>the escaped & hurts the php scripts, but then we should not accept this
>>input IMO.
>>
>>Michael
>>
>>_______________________________________________
>>Phpgroupware-developers mailing list
>>address@hidden
>>http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>>
>
>
>_______________________________________________
>Phpgroupware-developers mailing list
>address@hidden
>