View Issue Details

ID: 0006869
Project: mantisbt
Category: administration
View Status: public
Last Update: 2006-05-07 03:51
Reporter: jiangxin
Assigned To: thraxisp
Priority: normal
Severity: minor
Reproducibility: always
Status: closed
Resolution: fixed
Fixed in Version: 1.1.0a1
Summary: 0006869: bug in string_sanitize_url()
Description

If I apply my bugfix for issue 0006868, this bug appears.
File core/string_api.php, line 178, function string_sanitize_url( $p_url ).

How to reproduce this bug:
let $p_url = http://.../mantis/query_store_page.php?error_msg=xxx
string_sanitize_url( $p_url ) will return
http://.../mantis/query_store_page.php?error_msg%3Dxxx

error_msg%3D should be error_msg=.

Bugfix in bug notes.

Tags: No tags attached.

Relationships

parent of 0007034 (closed, vboctor): Port: bug in string_sanitize_url()
related to 0006868 (closed, thraxisp): wrong strpos function call

Activities

jiangxin (reporter) ~0012362
2006-03-18 11:29 (last edited: 2006-03-18 11:30)

bugfix:

function string_sanitize_url( $p_url ) {
    $t_url = $p_url;
    if ( preg_match( '?http(s)*://?', $t_url ) > 0 ) {
        // no embedded addresses
        if ( preg_match( '?^' . config_get( 'path' ) . '?', $t_url ) == 0 ) {
            // url is ok if it begins with our path, if not, replace it
            $t_url = 'index.php';
        }
    } else if ( $t_url == '' ) {
        $t_url = 'index.php';
    }

    // split and encode parameters
    if ( strpos( $t_url, '?' ) !== FALSE ) {
        // split on the first '?' only; explode() stands in for the POSIX
        // split() of the original note, which later PHP versions removed
        list( $t_path, $t_param ) = explode( '?', $t_url, 2 );
        if ( $t_param !== "" ) {
            $t_vals = array();
            $t_param = str_replace( '?', '', $t_param );
            // parse_str() splits on '&' and '=' and URL-decodes each value
            parse_str( $t_param, $t_vals );
            $t_param = '';
            $count = 0;
            foreach ( $t_vals as $k => $v ) {
                if ( $count++ > 0 ) {
                    $t_param .= '&';
                }
                // encode only the value, so the '=' separator survives
                $t_param .= "$k=" . urlencode( strip_tags( urldecode( $v ) ) );
            }
            return $t_path . '?' . $t_param;
        } else {
            return $t_path;
        }
    } else {
        return $t_url;
    }
}
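Added example, not code from MantisBT or from the bug note above: a Python re-implementation of what the posted fix does (reject off-site or embedded absolute URLs, split path from query on the first '?', parse the parameters, strip tags from each value, then re-encode the value only so the '=' separator survives), next to a model of the broken behaviour from the Description, where the whole query string goes through urlencode and `error_msg=xxx` comes back as `error_msg%3Dxxx`. That model of the old behaviour is my assumption about the cause of the symptom; the page only shows the output. `http://example.com/mantis/` is a constructed stand-in for config_get('path'), `strip_tags` is a rough regex stand-in for PHP's, the base-path check is a plain prefix test rather than the unescaped regex in the PHP, and values are decoded once (parse_qsl) rather than the parse_str-plus-urldecode double decode in the note.

```python
import re
from urllib.parse import parse_qsl, quote, urlencode

# Constructed stand-in for MantisBT's config_get('path'); not a real host.
BASE_PATH = "http://example.com/mantis/"

# Rough stand-in for PHP strip_tags(): drop anything that looks like a tag.
_TAG_RE = re.compile(r"<[^>]*>")


def strip_tags(value):
    return _TAG_RE.sub("", value)


def sanitize_url_broken(url):
    """Model of the pre-fix behaviour (assumption): the entire query string is
    URL-encoded, so the '=' and '&' separators are encoded too."""
    if "?" not in url:
        return url
    path, query = url.split("?", 1)
    return path + "?" + quote(query, safe="")


def sanitize_url(url, base_path=BASE_PATH):
    """Port of the logic in the fixed string_sanitize_url()."""
    # An absolute address anywhere in the string ("no embedded addresses")
    # is only allowed if the whole URL starts with our own base path.
    if re.search(r"https?://", url):
        if not url.startswith(base_path):
            url = "index.php"
    elif url == "":
        url = "index.php"

    if "?" not in url:
        return url

    # Split on the first '?' only; '?' inside the query belongs to the query.
    path, query = url.split("?", 1)
    if query == "":
        return path

    # parse_qsl decodes each value once (like parse_str); keep_blank_values
    # so that 'a=' is preserved as a parameter instead of silently dropped.
    pairs = parse_qsl(query, keep_blank_values=True)
    cleaned = [(key, strip_tags(value)) for key, value in pairs]

    # urlencode re-encodes the value (and key) but leaves '=' and '&' as the
    # separators, which is exactly what the original bug got wrong.
    return path + "?" + urlencode(cleaned)


if __name__ == "__main__":
    sample = "http://example.com/mantis/query_store_page.php?error_msg=xxx"
    print("broken:", sanitize_url_broken(sample))
    print("fixed: ", sanitize_url(sample))
    print("tags:  ", sanitize_url("view.php?id=1&msg=%3Cb%3Ehi%3C/b%3E"))
    print("offsite:", sanitize_url("view.php?return=http://evil.example/"))
```

Running it prints the `%3D` output from the Description for the broken variant and the unchanged URL for the fixed one; an encoded `<b>` in a value is decoded, stripped and re-encoded, and a relative URL that embeds an off-site absolute address is replaced by `index.php`, matching the "no embedded addresses" branch of the PHP.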
thraxisp (reporter) ~0012369
2006-03-19 21:59

Fixed in CVS.

core/string_api.php -> 1.81