1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fixed Edit Message html special characters

Discussion in 'Resolved Bug Reports' started by MattW, Jul 10, 2013.

  1. MattW

    MattW Well-Known Member

    Tested on two sites (dev of live site and new XF install for 2nd licence), both on 1.2 Beta 5

    When editing a message:


    Initial pop up is fine

    Clicking more options
    allewreK and Chris D like this.
  2. allewreK

    allewreK Active Member

    I have the same bug in Ubuntu 13, Chrome & Firefox, and on iPhone (Safari & Chrome).

    If anyone could give me a tempory fix before the next release, if would be great, that's a really annoying bug on my forum.
  3. Kier

    Kier XenForo Developer Staff Member

    Can you reproduce the problem here on XenForo.com? So far, I have been unable to.
  4. Sheratan

    Sheratan Well-Known Member

    I can reproduce this in my site (1.2 Beta 5)

    Win 7 64-bit SP 1 Chrome 27.0.1453.116 m

    But I can not reproduce in here (xenforo.com)
  5. Brogan

    Brogan XenForo Moderator Staff Member

    Long shot but what is the charset and collation of your DB?

    I can't reproduce this on any of my local installs - clean install and upgrades.
  6. MattW

    MattW Well-Known Member


    Have just tried on my local install as well on Ubuntu 13.04 and it's doing it on there also.

    EDIT: Also tried on a localhost 1.2 Beta 1 running on my WAMP set up, and it's doing it on there.
    Last edited: Jul 10, 2013
  7. Sheratan

    Sheratan Well-Known Member

    collation: utf8_general_ci
    engine: InnoDB
    charset: utf8

    Upgraded from 1.1.5 > Beta 1 > Beta 3 > Beta 4 > Beta 5
    Last edited: Jul 10, 2013
  8. MattW

    MattW Well-Known Member

    Also to add, it doesn't do it on XF 1.1.5 running on the same server.
  9. Kier

    Kier XenForo Developer Staff Member

    Just to confirm, you see this happening with Beta *1*? I was in the process of trying to work out if it was something that changed between Beta 4 and 5, but I'll abandon that quest if you're sure you're seeing it with Beta 1.
  10. MattW

    MattW Well-Known Member


    beta1.PNG beta2.PNG
  11. MattW

    MattW Well-Known Member

    I can give you full access to the dev site if you want to take a look at anything.
  12. Kier

    Kier XenForo Developer Staff Member

    That might be helpful, thanks.
    MattW likes this.
  13. MattW

    MattW Well-Known Member

    Just sent you the details via PC
    Kier likes this.
  14. allewreK

    allewreK Active Member

    I have the same problem on beta 5 (I directly upgraded from 1.1.4 to 1.2 beta 4 btw). Both ubuntu 13 localhost, and production server.

    EDIT : Even with enableListeners to false (no addons).
    EDIT2 : Same with default style & language.
  15. allewreK

    allewreK Active Member

    When I have a look to the html of the overlay editor, we can see that it's allready being escaped, with htmlspecialchars I guess.


    It looks like it's then sending via a POST request to the full inline editor.

    EDIT :

    Message looks fine in DB :
    Last edited: Jul 10, 2013
  16. Kier

    Kier XenForo Developer Staff Member

    FWIW, I can reproduce the problem on your site, @MattW
  17. allewreK

    allewreK Active Member

    In XenForo_ViewPublic_Helper_Editor, on line 80, if I change :
    $messageHtml $bbCodeParser->render($message, array('lightBox' => false));
    to :
    $messageHtml $message;
    I do not have the problem anymore. (that's not a fix, just for Kier).
  18. Liam W

    Liam W Well-Known Member

    I have this error as well, Beta 5. On my live site, and my localhost install. Linux & Windows respectively.
  19. Mike

    Mike XenForo Developer Staff Member

    This might be a PHP 5.4 "regression", though I think the behavior before might've actually been bugged. Based on this code, it doesn't look like we tried to convert single quote entities back but obviously it works on different PHP versions. 5.4 may have fixed this.

    So the simple thing is to simple change the argument to say to convert single quotes, so fixed.
  20. MattW

    MattW Well-Known Member

    I had this happening on 5.4 and 5.5 if that makes any difference?

Share This Page