Project

General

Profile

Actions
Copy link

Bug #9776

closed

Wrong function in squidguard_log.php

Added by 2S Suchorski GAPLS over 4 years ago. Updated almost 4 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Renato Botelho
Category:
squidguard
Target version:
-
Start date:
09/20/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:

Description

There is an error on squidguard_log.php
This function needs to be changed

function squidguard_prepfor_JS($cont) {
        # replace for JS
        $cont = str_replace("\n", "\\n", $cont);
        $cont = str_replace("\r", "\\r", $cont);
        $cont = str_replace("\t", "\\t", $cont);
        $cont = str_replace("\"", "\'",  $cont);
        $cont = str_replace("'", "\'",  $cont);
        return $cont;
}

The $cont = str_replace("'", "'", $cont); needs to be before the $cont = str_replace(""", "'", $cont);
Because if the replace of ' to \' before the " to \' will cause a ' to be changed to \\' and will generate an html with ' inside ' without escape.
This causes to config files with ' to not be displayed when we change the view to show the config file

Actions
Copy link
 #1

Updated by Jim Pingle over 4 years ago

  • Category set to squidguard
Actions
Copy link
 #3

Updated by Jim Pingle about 4 years ago

  • Status changed from New to Pull Request Review
Actions
Copy link
 #4

Updated by Renato Botelho almost 4 years ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions
Copy link
 #5

Updated by Viktor Gurov almost 4 years ago

  • Status changed from Feedback to Resolved

squidGuard 1.16.18_5 - works fine

Actions
Copy link

Also available in: Atom PDF