Shawn: We reported this defect as well with our 7.6.04 installation, and it seems to happen with ANY kind of related ticket you create via Create Related Request under Quick Links. There was also a problem with a single quote in the Summary or Notes field also truncating everything past the first single-quote when we went to create a related ticket, but in that case, we could at least create the related tickets!
There was a partial fix that came out for this that fixed the single-quote issue, but the double-quote problem was still there. We reported that back to BMC and as far as I know, they were supposed to eventually fix the double-quote problem. I'm not sure offhand whether the hotfix that Marika reported was the fix for the single-quote problem or the actual fix for the double-quote problem. This was like 2 years ago, so my memory's a bit foggy on the details! We have a Sandbox environment for 8.1, and the problem seems to be fixed there, though that's been patched and our overlays applied. I'd test a virgin install of 8.x to be sure. Natalie Stroud SAIC @ Sandia National Laboratories ARS-ITSM Reporting Specialist Albuquerque, NM USA nkst...@sandia.gov<mailto:nkst...@sandia.gov> ITSM 7.6.04 SP2 - Windows 2003 - SQL Server 2008 From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Pierson, Shawn Sent: Thursday, January 16, 2014 11:54 AM To: arslist@ARSLIST.ORG Subject: [EXTERNAL] ITSM 7.6.4 Defect with Double Quotes ** Good afternoon, I thought I'd run this past you all. With BMC moving toward using a lot more run process types of workflow, I've noticed several things failing and I wanted to see if anyone has identified a good fix other than us customers doing a full code review of ITSM and building error handling code into their stuff. For example, my user has an Incident with a summary of something like: This is a "test" where I am testing. When the user goes to create a related Change Request from that Incident, it errors out when trying to save the Change Request. It appears to start from the beginning in the active link INT:CHGHPD:INC:CreateAssociation_Change_003 where it sets a field to do a PERFORM-ACTION-SEND-EVENT action, then sends the contents of that field (including quotation marks which are not escaped out) to actually run. The result is that my user gets a Change Request screen open, but it doesn't set all of the fields that would be set if there weren't double quotes, and he is unable to save the CRQ because it is missing the Incident Number and generates an error trying to create the Change Association record. I'm going to test this same thing in 8.1 to see if anything has been done about it there, but it seems like a potential security risk in addition to just causing users trouble. I wonder if I can execute batch files from there? Thanks, Shawn Pierson Remedy Developer | Energy Transfer Private and confidential as detailed here<http://www.energytransfer.com/mail_disclaimer.aspx>. If you cannot access hyperlink, please e-mail sender. _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
