XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module troubleshooting 
  4.  / Weird chars in News notification message
Register
1
marcan
Weird chars in News notification message

  • 2004/4/5 18:49

  • marcan

  • Just can't stay away

  • Posts: 824

  • Since: 2003/10/8


In the news module, when an article's title contains an apostrophe, the message received by the user contains the special chars. Exemple :

Title : L'armée du salut

The notification email received for this new article looks like this :

Quote:
Hello marcan,

A new story "L \ & # 0 3 9 ; armée du Salut" has been added at


I include spaces between the letters wo they don't get interpreted. But, strip the spaces in L \ & # 0 3 9 ; and this is what the user received. Not pretty hey ?

I had a '\' problem in the notification of the MyLinks module but I was able to solve it by adding 'stripslahes' to the title. However, in the news module, I did not find a solution.


Anyone can help ?

Thanks !
2
Mithrandir
Re: Weird chars in News notification message

Looking into the route, the title takes before being in the message, I don't find anything being done about apostrophes.

The title is taken directly from the news subject without any sanitation and put in the extra tags array.

in XoopsNotificationHandler::trigger_event() nothing is done to the extra tags

in XoopsNotification::notifyUser, the tags are run through a preg_replace("/&/i", '&', $v) if the notification is sent by email

in XoopsMailer::send, the tags are run through a simple preg_replace to get the value in the place of the placeholders in the mail template - again without sanitation.

I am not an expert, so I cannot say if there should be a sanitation - and if so, then which action should be taken.
3
marcan
Re: Weird chars in News notification message

  • 2004/4/5 19:08

  • marcan

  • Just can't stay away

  • Posts: 824

  • Since: 2003/10/8


Thanks Mithrandir

Could someone tell me what sanitation is better recommended in that purpose and where in the process to insert it.

Thanks !
4
ouioui
Re: Weird chars in News notification message

  • 2004/4/6 15:07

  • ouioui

  • Just popping in

  • Posts: 32

  • Since: 2003/7/11


Hi,

I have the same probleme with " ' " when i use xoopsmailer with the methode assign.
Is someone can help me ?

Best regards
Bruno
5
marcan
Re: Weird chars in News notification message

  • 2004/4/6 15:45

  • marcan

  • Just can't stay away

  • Posts: 824

  • Since: 2003/10/8


Here is what I did as a temporary solution.

Basically, what we want to do is 'sanitize' the title of the notification. This value is normally set in that way :
Quote:
$tags['STORY_NAME'] = $subject;

The new way should then be something like this :
Quote:
$tags['STORY_NAME'] = Sanitize_For_Notification($subject);


So I created the other function. In class/module.textsanitizer.php, just before those lines :
Quote:
##################### Deprecated Methods ######################

I added this new function :
Quote:
/**
* Prepare a string to be sent by notifiction (by marcan)
*
* @param string $text
* @return string
**/
function &prepareForNotification(&$text)
{
return stripslashes($this->undoHtmlSpecialChars($text));
}

This function clears all the unwanted chars. Then, in every module that uses the notification you would have to 'sanitize' the text. Here is an example with the news module.

In news/admin/index.php, around line 366 in the Function addTopic(), change this :
Quote:
$tags['TOPIC_NAME'] = $HTTP_POST_VARS['topic_title'];

For this :
Quote:
// Hack by marcan to display the title in a good format, without ''' symbols...
$myts =& MyTextSanitizer::getInstance();
// $tags['TOPIC_NAME'] = $HTTP_POST_VARS['topic_title'];
$tags['TOPIC_NAME'] = $myts -> prepareForNotification($HTTP_POST_VARS['topic_title']);
// End of hack by marcan

Then, in that same file, around line 590, change this :
Quote:
$tags['STORY_NAME'] = $story -> title();

With for :
Quote:
// Hack by marcan to display notification in a good format
$myts =& MyTextSanitizer::getInstance();
// $tags['STORY_NAME'] = $story -> title();
$tags['STORY_NAME'] = $myts -> prepareForNotification($story -> title());
// End of hack by marcan

This fixes the notification when a news is submitted via the admin side. Here's what you need to do in order to fix it for when a user submit an article.In submit.php, around line 110, change this :
Quote:
// $tags['STORY_NAME'] = $subject;

For this :
Quote:
// Hack by marcan to display notification in a good format
$myts =& MyTextSanitizer::getInstance();
// $tags['STORY_NAME'] = $subject;
$tags['STORY_NAME'] = $myts -> prepareForNotification($subject);
// End of hack by marcan

That's it. This worked for me !

Now 2 questions :
1- Is it working for you ?
2- Coders : is it the good way to do it?
6
Mithrandir
Re: Weird chars in News notification message

1) Haven't tested, but will do
2) I don't know if the name of the function is that good - might be a little more general applicable and hence needing a little more descriptive name, but as long as the function is for text sanitation and in the textsanitizer class, I think it is a good way

As you can see, the deprecated functions have very specific names and that may be the reason why they are deprecated to give way to more generic functions (but I don't know for sure - it's a guess)

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

319 user(s) are online (236 user(s) are browsing Support Forums)

Members: 0

Guests: 319

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits