Ticket #1279 (new bug)

Opened 2 years ago

Last modified 3 months ago

Signup sucks if quote are use if Name, first name or address

Reported by: jeanyves Owned by: Micha
Priority: critical Milestone: unassigned
Component: BW General Keywords: signup quote
Cc: micha, lupochen

Description

It results in a generic exception

Input should be escaped

This is critical bug

Change History

comment:1 Changed 2 years ago by jeanyves

  • Owner set to jeanyves

comment:2 Changed 2 years ago by jeanyves

  • follow_up changed from none to test on alpha

comment:3 Changed 2 years ago by jeanyves

  • Owner changed from jeanyves to Micha

I just realized that in fact this bug was probably solved by the urlencode in enc.inc.php (it was done on admincrypted value and not on membercrypted value, this was what was creating the bug).

Since while fixing the line breaks and the \ problem in profile data, I moved it in prod (it has been successfuly tetsed in Alpha). So I think this also solve part of the problem in Signup. It is possible to signup with quote in FullName? (the system doesn 't generate an exception)

But the whole fix is still to be moved since they are still missing escaping which I have also fixed in the signup.model. It works in alpha, The problem is that I miss the overview with the new MOD_MAIL thing (last time I tried to move it on prod I was to revert).

It is to move in production (and to b tested there)

comment:4 Changed 2 years ago by globetrotter_tt

Has anybody tested this already?

comment:5 Changed 3 months ago by jeanyves

  • Cc micha, lupochen added; micha lupochen removed

There is still a bug to fix

there is no more exception if someone signup in avenue de la toison d'or it result in avenue de la toison d

comment:6 Changed 3 months ago by globetrotter_tt

  • follow_up changed from test on alpha to review code
Note: See TracTickets for help on using tickets.