Actions
Bug #9776
closedWrong function in squidguard_log.php
Start date:
09/20/2019
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
There is an error on squidguard_log.php
This function needs to be changed
function squidguard_prepfor_JS($cont) {
# replace for JS
$cont = str_replace("\n", "\\n", $cont);
$cont = str_replace("\r", "\\r", $cont);
$cont = str_replace("\t", "\\t", $cont);
$cont = str_replace("\"", "\'", $cont);
$cont = str_replace("'", "\'", $cont);
return $cont;
}
The $cont = str_replace("'", "'", $cont); needs to be before the $cont = str_replace(""", "'", $cont);
Because if the replace of ' to \' before the " to \' will cause a ' to be changed to \\' and will generate an html with ' inside ' without escape.
This causes to config files with ' to not be displayed when we change the view to show the config file
Updated by Viktor Gurov about 4 years ago
Updated by Jim Pingle about 4 years ago
- Status changed from New to Pull Request Review
Updated by Renato Botelho almost 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
Updated by Viktor Gurov almost 4 years ago
- Status changed from Feedback to Resolved
squidGuard 1.16.18_5 - works fine
Actions