| Summary | Filenames containing a ' produce javascript errors |
| Queue | Gollem |
| Queue Version | HEAD |
| Type | Bug |
| State | Resolved |
| Priority | 1. Low |
| Owners | |
| Requester | gus (at) pbx (dot) org |
| Created | 04/24/2006 (7180 days ago) |
| Due | |
| Updated | 04/24/2006 (7180 days ago) |
| Assigned | |
| Resolved | 04/24/2006 (7180 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
State ⇒ Resolved
State ⇒ Unconfirmed
Priority ⇒ 1. Low
Type ⇒ Bug
Summary ⇒ Filenames containing a ' produce javascript errors
Queue ⇒ Gollem
gives javascript errors.
I believe the bug stems from:
gollem/manager.php line 400:
$item['link'] = Horde::link('#', '', '', '', "view('$url', '" .
$val['name'] . "'); return false;") . $name . '</a>';
where it is passing $val['name'] .. I have tried wrapping this in
addslashes() and htmlspecialchars(,ENT_QUOTES) however neither one of
them fixes the errors, however there are no longer any 's in the
string..
The _EXACT_ error in IE is:
Error: Expected ')'
the line it presents is never near one of the lines that has a
filename with a single quote (possibly javascript document.write
somewhere)
investigating further...