In-Portal Issue Tracker

Welcome to the In-Portal Open Source CMS Issue Tracker! This is a central management / tracking tool for all types of tasks / issues / bugs for the In-Portal Project. Before reporting any issues, please make sure to read the Guide into Issue Tracker and How to Properly Test and Report Bugs!

Dependency Graph View Issue ] Relation Graph ] Vertical ]
related to child of duplicate of

Viewing Issue Simple Details
ID Category Type Reproducibility Date Submitted Last Update
0001417 [In-Portal CMS] Database bug report always 2012-10-20 06:44 2012-11-07 10:27
Reporter alex View Status public  
Assigned To alex
Priority normal Resolution fixed  
Status resolved      
Summary 0001417: Data not escaped in "Query Database" section
Description n-Portal "Tools -> Query Database" section where administrator can perform simple database queries and see result right away.

I've noticed that this text from database "test_& amp;_test" (space between "&" and "amp;" add because Mantis breaks it otherwise) is displayed as "test_&_test" on that page. This means, that data isn't escaped before being displayed on a page.
Additional Information

Web Development by Intechnic
In-Portal Open Source CMS
In-Portal Open Source CMS
Copyright © 2000 - 2009 MantisBT Group

Powered by Mantis Bugtracker