Bugzilla – Bug 17465
Double quotes aren't being escaped in text fields
Last modified: 2011-09-02 08:37:10 UTC
Double quotes in a string value displayed in a text field in the web interface cause the text to appear truncated. They need to be escaped when being output in a form field.
More info from the forums: "It looks like the search string is directly passed to the SQL query: searching for "don_t" will bring you "don't", searching for "%" will bring you anything (as does a single "*", by the way - not sure it's part of the SQL standard)."
I think you may have gotten your bugs mixed up. That comment has nothing to do with this bug.
Jim - I can reproduce this in the case of the search. Do you see this happen in other places too?
== Auto-comment from SVN commit #33293 to the slim repo by mherger ==
== http://svn.slimdevices.com/slim?view=revision&revision=33293 ==
Fixed Bug: 17465
Description: html escape input field values or double quotes would break them
(In reply to comment #3)
> Jim - I can reproduce this in the case of the search. Do you see this happen in
> other places too?

I was talking about anywhere within the web UI, including Settings. I see you've fixed a couple of the settings pages.
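The truncation reported in this bug and the effect of HTML-escaping the field value, as an added example that is not part of the original thread and not the project's code. The form markup, function names and sample value are constructed for illustration, and Python's html.parser stands in for the browser's parser.

```python
from html import escape
from html.parser import HTMLParser


class InputValueParser(HTMLParser):
    """Records the value attribute of each <input> as an HTML parser sees it."""

    def __init__(self):
        super().__init__()
        self.values = []

    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.values.append(dict(attrs).get("value"))


def render_unescaped(value):
    # Behaviour described in the bug: the string is written into the
    # attribute as-is, so its first double quote closes the attribute.
    return '<input type="text" name="q" value="%s">' % value


def render_escaped(value):
    # Fix: HTML-escape on output; quote=True also encodes " and '.
    return '<input type="text" name="q" value="%s">' % escape(value, quote=True)


def parsed_value(markup):
    """Return the value the parser assigns to the first <input> in markup."""
    parser = InputValueParser()
    parser.feed(markup)
    parser.close()
    return parser.values[0]


# Constructed sample value containing double quotes.
SAMPLE = 'Live "Unplugged" Session'

if __name__ == "__main__":
    for render in (render_unescaped, render_escaped):
        markup = render(SAMPLE)
        print(render.__name__)
        print("  markup:", markup)
        print("  field shows:", repr(parsed_value(markup)))
```

The check to carry into a template review is the round trip: the value read back from the rendered field must equal the stored string.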