1
This has been a bug in every version of XOOPS I've used.
If your site name has a single quote in it (i.e., John's XOOPS Site), the site name is truncated at the first occurence of the single quote on the mail form (so in the aforementioned example, the "From Name (email only)" field would read "John" and not "John's XOOPS Site").
I traced this problem to the render() function in /class/xoopsform/formtext.php. This function renders all the text boxes for the page and encloses the value parameter in - of course - single quotes. So, an embedded single quote causes a problem.
I tried the php urlencode() function, but render() is used for *ALL* the fields on the form so it was really mangeling things better left alone like email address. I finally decided that the best thing to do was just convert all single quotes to ' and not worry about anything else. Seems to work just fine, but I'd welcome a better solution if anyone else has one.
Here's the code out of the 2.0.16 codebase:
The file in question is /class/xoopsform/formtext.php. The problem is in the render() function .....
Original:
function render(){
return ".$this->getName()."' id='".$this->getName()."' size='".$this->getSize()."' maxlength='".$this->getMaxlength()."' value='".$this->getValue()."'".$this->getExtra()." />";
}
My Hack:
function render(){
// The following is a fix to resolve the issue that the site name was being truncated in forms if the site name contained a single quote.
// This was happening because the value parameter of the text box is enclosed in single quotes so any single quotes contained therein need to be
// replaced with their URL Encoded equivilant (single quote = '). The original line is remains (commented out) for reference.
// return "getName()."' id='".$this->getName()."' size='".$this->getSize()."' maxlength='".$this->getMaxlength()."' value='".$this->getValue()."'".$this->getExtra()." />";
return ".$this->getName()."' id='".$this->getName()."' size='".$this->getSize()."' maxlength='".$this->getMaxlength()."' value='".str_replace( "'", "'", $this->getValue() )."'".$this->getExtra()." />";
}
JP
