• Welcome to The Cave of Dragonflies forums, where the smallest bugs live alongside the strongest dragons.

    Guests are not able to post messages or even read certain areas of the forums. Now, that's boring, don't you think? Registration, on the other hand, is simple, completely free of charge, and does not require you to give out any personal information at all. As soon as you register, you can take part in some of the happy fun things at the forums such as posting messages, voting in polls, sending private messages to people and being told that this is where we drink tea and eat cod.

    Of course I'm not forcing you to do anything if you don't want to, but seriously, what have you got to lose? Five seconds of your life?

Bug: HTML decoding in CTs

I

IIMarckus

&
Seems that somewhere along the line CTs are improperly encoded or decoded.

Example: I set my CT to &. Everything displays correctly.

I edit my details again without changing anything in the CT field. My CT now magically becomes & and displays that way in posts.
 
Last time I checked, this wasn't the vBulletin bug tracker.

Of course, theirs requires that you log in, which probably requires that you have a valid license.

Judging by the fact that the title is encoded when it is output onto the textfield, and not after it is submitted, I'm guessing vBulletin is doing htmlspecialchars on it after retrieving it from the database and forgetting to decode it after submitting it. For a hackish workaround just replace the ampersand in the custom title field with a new one each time you edit details.
 
You must log in or register to reply here.
Back
Top Bottom