In-Portal Issue Tracker - In-Portal CMS
|
Viewing Issue Advanced Details |
|
ID:
|
Category:
|
Type:
|
Reproducibility:
|
Date Submitted:
|
Last Update:
|
1014 |
[In-Portal CMS] Database |
bug report |
always |
2011-03-13 05:55 |
2011-09-19 16:09 |
|
Reporter:
|
alex |
Platform:
|
|
|
Assigned To:
|
alex |
OS:
|
|
|
Priority:
|
normal |
OS Version:
|
|
|
Status:
|
closed |
Product Version:
|
5.1.2-B2 |
|
Product Build:
|
|
Resolution:
|
fixed |
|
|
ETA:
|
none |
Fixed in Version:
|
5.1.3-B1 |
|
Reference:
|
https://groups.google.com/d/topic/in-portal-bugs/O0Ln5E6E4yY/discussion https://groups.google.com/d/topic/in-portal-bugs/AQ7PqO7GFMo/discussion |
Change Log Message:
|
Fixes form value not escaped in kLEFTFormatter class |
Estimate Points:
|
0 |
|
Summary:
|
0001014: Unable to select user, that has ' in it's username |
Description:
|
In-Portal uses formatter classes to transform database values into human readable form and back.
Class kLEFTFormatter in particular is used along with user selectors to convert username selected into ID and back. I've recently discovered, that it doesn't escape value from the form before checking it's presence in database resulting sql error, when username has ' in it. |
Steps To Reproduce:
|
|
Additional Information:
|
|
Relationships | related to | 0000964 | closed (5.2.0) | alex | Improvements to user Login field |
|
Attached Files:
|
left_formatter_sql_error_when_field_contains_single_quote.patch (1,145) 2011-03-13 05:55 http://tracker.in-portal.org/file_download.php?file_id=963&type=bug |
|
Issue History |
Date Modified |
Username |
Field |
Change |
2011-09-19 16:09 |
alex |
Note Added: 0003869 |
|
2011-09-19 16:09 |
alex |
Status |
resolved => closed |
2011-05-20 03:01 |
alex |
Note Added: 0003430 |
|
2011-05-20 03:01 |
alex |
Status |
reviewed and tested => resolved |
2011-05-20 03:01 |
alex |
Fixed in Version |
=> 5.1.3-B1 |
2011-05-20 03:01 |
alex |
Resolution |
open => fixed |
2011-05-20 03:01 |
alex |
Assigned To |
!COMMUNITY => alex |
2011-05-20 03:01 |
alex |
Changeset attached |
5.1.x r14322 |
2011-04-04 11:49 |
Dmitry |
Target Version |
Icebox => 5.1.3 |
2011-03-14 05:50 |
phil |
Note Added: 0003295 |
|
2011-03-14 05:50 |
phil |
Status |
needs testing => reviewed and tested |
2011-03-14 05:50 |
phil |
Note Deleted: 0003294 |
|
2011-03-14 05:49 |
phil |
Note Added: 0003294 |
|
2011-03-13 06:47 |
alex |
Relationship added |
related to 0000964 |
2011-03-13 06:44 |
alex |
Reference |
https://groups.google.com/d/topic/in-portal-bugs/O0Ln5E6E4yY/discussion => https://groups.google.com/d/topic/in-portal-bugs/O0Ln5E6E4yY/discussion https://groups.google.com/d/topic/in-portal-bugs/AQ7PqO7GFMo/discussion |
2011-03-13 05:58 |
alex |
Assigned To |
=> !COMMUNITY |
2011-03-13 05:58 |
alex |
Developer |
=> alex |
2011-03-13 05:58 |
alex |
Status |
active => needs testing |
2011-03-13 05:57 |
alex |
Reference |
=> https://groups.google.com/d/topic/in-portal-bugs/O0Ln5E6E4yY/discussion |
2011-03-13 05:55 |
alex |
New Issue |
|
2011-03-13 05:55 |
alex |
File Added: left_formatter_sql_error_when_field_contains_single_quote.patch |
|
2011-03-13 05:55 |
alex |
Change Log Message |
=> Fixes form value not escaped in kLEFTFormatter class |