Kunena 7.0.4 Released

The Kunena team has announce the arrival of Kunena 7.0.4 [K 7.0.4] in stable which is now available for download as a native Joomla extension for J! 5.4.x/6.0.x. This version addresses most of the issues that were discovered in K 6.2 / K 6.3 / K 6.4 and issues discovered during the last development stages of K 7.0

Question FIX: html special characters appearing in subject and reply subject

More
17 years 1 week ago - 17 years 1 week ago #13447 by bytebandit01
FIX: html special characters appearing in subject and reply subject was created by bytebandit01
if you are having this characters displayed in the subject and in the reply subject..

* '&' (ampersand) becomes &amp
* '"' (double quote) becomes &quot when ENT_NOQUOTES is not set.
* ''' (single quote) becomes &#039 only when ENT_QUOTES is set.
* '<' (less than) becomes &lt
* '>' (greater than) becomes &gt


here's a possible fix that i used..
\components\com_kunena\template\default\fb_write.html.php
line 39:
Code:
<span class = "fb_title fbl"> <?php echo _POST_MESSAGE; ?>"<?php echo $objCatInfo->name; ?>"</span>

replace with:
Code:
<span class = "fb_title fbl"> <?php echo _POST_MESSAGE; ?>"<?php echo html_entity_decode_utf8(stripslashes($objCatInfo->name), ENT_COMPAT, 'UTF-8'); ?>"</span>


\components\com_kunena\template\CURRENT_TEMPLATE_USED(e.g. default_ex)\message.php
line 67:
Code:
<span class = "<?php echo $msgtitle; ?>"><?php echo $msg_subject; ?> </span> <span class = "msgdate" title="<?php echo $msg_date; ?>"><?php echo $msg_time_since; ?></span>

replace with:
Code:
<span class = "<?php echo $msgtitle; ?>"><?php echo html_entity_decode_utf8(stripslashes($msg_subject), ENT_COMPAT, 'UTF-8'); ?> </span> <span class = "msgdate" title="<?php echo $msg_date; ?>"><?php echo $msg_date; ?></span>

note: for default template it is..
\components\com_kunena\template\default\message.php it is around line 200:

edit: i did upgraded from kunena 1.08 to 1.08 maybe that's why i still have those special characters appearing from my old messages. if anyone is encountering the same, feel free to use the steps above, as it did work for me.
Last edit: 17 years 1 week ago by bytebandit01.

Please Log in or Create an account to join the conversation.

More
17 years 1 week ago #13542 by Matias
Replied by Matias on topic Re:SOLUTION: html special characters appearing in subject and reply subject
This is only for the old messages, right?

Even better solution would be to replace all &amp;s etc in the database with the right characters. Does someone want some exercise? :)

Please Log in or Create an account to join the conversation.

More
17 years 1 week ago - 17 years 1 week ago #13581 by bytebandit01
Replied by bytebandit01 on topic test's
perhaps it's with the old messages.. since i upgraded from 1.08 to 1.09..

i can't confirm this one now since i am using those patches already.. so far it's working as intended - no more html special characters appearing from the subject line.
Last edit: 17 years 1 week ago by bytebandit01.

Please Log in or Create an account to join the conversation.

More
17 years 2 days ago #14025 by Matias
Replied by Matias on topic Re:test's
If you are using that patch, you're opening your site to javascript attacks towards your users.

Better solution would be to fix the messages.

Please Log in or Create an account to join the conversation.

More
17 years 2 days ago #14054 by bytebandit01
Replied by bytebandit01 on topic Re:test's
hi Matias.. thanks for the information on this.. i wanted to resolve this now by reverting back to the original fb_write.html.php and message.php. i will follow your advise.

i'm now interested in that exercise. if you can share an sql query for it, i'd appreciate it as am no well-verse with that stuff anymore.

Please Log in or Create an account to join the conversation.

More
17 years 2 days ago #14067 by Matias
Replied by Matias on topic Re:test's
Hmm.. Just run this:

UPDATE `jos_fb_messages` SET `subject` = REPLACE(`subject`, "&amp;", "&");
UPDATE `jos_fb_messages` SET `subject` = REPLACE(`subject`, "&quot;", "\"");
UPDATE `jos_fb_messages` SET `subject` = REPLACE(`subject`, "&#039;", "'");
UPDATE `jos_fb_messages` SET `subject` = REPLACE(`subject`, "&lt;", "<");
UPDATE `jos_fb_messages` SET `subject` = REPLACE(`subject`, "&gt;", ">");

I would like to know: did it work? :)

Please Log in or Create an account to join the conversation.

Time to create page: 0.263 seconds