>>>>> "Roland" == Roland Gruber <[EMAIL PROTECTED]> writes:

    Roland> I will provide a fix for this in the next
    Roland> release. However, it will not be included in Etch since it
    Roland> is not critical/security related.

Hmmm. I think it could still meet the requirements
regardless, e.g. if you argued it was corrupting data.

Still... Your call.

    Roland> As a workaround you can set magic_quotes_gpc to "Off" in
    Roland> your php.ini file.

Is this likely to have any side effects, e.g. breaking other
applications?

Unfortunately, while this fixes the problem with tree view, it does
not fix the problem with the generated HTML in the personal user
editor - everything appears in the textbox up to the first "
character, and after that everything else appears outside the text
box.

The value needs to be HTML encoded before it is passed as a value to
the HTML textbox.

(This type of thing is normally a security issue - not sure about this
particular case though).
-- 
Brian May <[EMAIL PROTECTED]>
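
The encoding step described in the message above, as an added example that is not part of the original e-mail or of the application's own code. The function names, the field name and the sample value are hypothetical, and addslashes() stands in for what magic_quotes_gpc=On did to request data, since the setting no longer exists in current PHP.

```php
<?php
// Added illustration; all names below are hypothetical.

// Constructed sample: a field value containing double quotes.
$stored = 'Brian "the admin" May';

// magic_quotes_gpc=On applied addslashes() to GET/POST/COOKIE data.
// Simulated here so the example runs on current PHP.
$fromRequest = addslashes($stored);

// Undo that escaping once, at input, and only if it was applied.
function normalize_input(string $value, bool $magicQuotesOn): string
{
    return $magicQuotesOn ? stripslashes($value) : $value;
}

// Unencoded output: the first " in $value closes the value attribute,
// so the rest of the string lands outside the text box.
function render_textbox_raw(string $name, string $value): string
{
    return '<input type="text" name="' . $name . '" value="' . $value . '">';
}

// Encoded output: quotes, <, > and & become entities, so the whole
// string stays inside the attribute and cannot introduce markup.
function render_textbox(string $name, string $value): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    return '<input type="text" name="' . htmlspecialchars($name, $flags, 'UTF-8')
         . '" value="' . htmlspecialchars($value, $flags, 'UTF-8') . '">';
}

$value = normalize_input($fromRequest, true);

echo render_textbox_raw('description', $value), "\n";
echo render_textbox('description', $value), "\n";
```

Undoing the slashes at input and encoding at output are separate steps: turning magic_quotes_gpc off only removes the stray backslashes, while the text box needs the output encoding regardless of that setting.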

