Dolphin 7.4.2 Backslash issue in HTML editor

Upgrading to Dolphin 7.4.2 wouldn't work, or probably would if I didn't have so many 3rd party modules and code changes to wiggle around; while juggling with PHP versions.

So I did a clean install.

Now if I type something in 'Basic Settings' using the HTML editor the apostrophe gets a backslash in front of it and empty lines get coded.

ie:

\r\n

We\'re working on it.

 

Does anyone know what's going wrong and how to fix it?

TravelNotes.org - The Online Guide to Travel
Quote · 21 Jul 2020

I've been trying all sorts but am still at a loss.

 

Frown

Software requirements

 

  • PHP: 7.4.8 - OK
    • allow_url_fopen = On - OK
    • allow_url_include = Off - OK
    • magic_quotes_gpc = Off - OK
    • memory_limit = 128.00M - OK
    • post_max_size = 64.00M - OK
    • upload_max_filesize = 64.00M - OK
    • register_globals = Off - OK
    • safe_mode = Off - OK
    • disable_functions = - OK
    • php module: curl = curl - OK
    • php module: gd = gd - OK
    • php module: mbstring = mbstring - OK
    • php module: xsl = xsl - OK
    • php module: json = json - OK
    • php module: fileinfo = fileinfo - OK
    • php module: openssl = openssl - OK
    • php module: zip = zip - OK
    • php module: ftp = ftp - OK
    • php module: calendar = calendar - OK
    • php module: exif = exif - OK
  • MySQL: 10.0.38-MariaDB-cll-lve - OK
  • Web-server: LiteSpeed
    • rewrite_module - OK
TravelNotes.org - The Online Guide to Travel
Quote · 21 Jul 2020

I was starting to wonder if it might only be on the Splash Page or everywhere and didn't want to risk installing more modules until I could track down the problem.

 

Dig around and look in the nooks and crannies for long enough and the answer is always written down somewhere.

 

Wrong backslashing in the Splash area from Basic settings #689

https://github.com/boonex/dolphin.pro/issues/689

 

Then courtesy of Deano

https://www.boonex.com/forums/topic/Bug-in-Splash.htm

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Boonex is going to have to go though dolphin and evaluate there [sic] use of their process_db_input function.

 

So do this.

 

Edit the file administration\basic_settings.php

 

Look for this at about line 41

 

setParam('splash_code',  process_db_input($_POST['code'], CH_TAGS_VALIDATE));

 

Change it to this

 

setParam('splash_code',  clear_xss($_POST['code']));

 

That should fix it.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Off to give it a try.

TravelNotes.org - The Online Guide to Travel
Quote · 21 Jul 2020

Sadly, this was reported over a year ago and the file still hasn't been changed.

 

https://github.com/boonex/dolphin.pro/blob/master/administration/basic_settings.php

TravelNotes.org - The Online Guide to Travel
Quote · 21 Jul 2020

Just a note, Deano references CH_TAGS_VALIDATE

 

but that is Cheetah abbreviation;

 

Of course he meant:

 

Look for

setParam('splash_code', process_db_input($_POST['code'], BX_TAGS_VALIDATE));

 

TravelNotes.org - The Online Guide to Travel
Quote · 21 Jul 2020

There seems to be a similar problem on advanced_settings.php 

> Tag Settings > Ignored words (lower case, comma-separated)

 

Probably served up through lang_file.php

TravelNotes.org - The Online Guide to Travel
Quote · 21 Jul 2020

Nice to see that Deano is keeping an eye on Dolphin issues.

 Cool

https://github.com/deano92964/Cheetah/issues/71

Although it appears he can't reproduce this one.

If there was a Cheetah demo, I could have tried it.

The issue reproduces on the Dolphin Administration Panel Demo:

name: admin

pass: dolphin

http://demo.boonex.com/administration/advanced_settings.php

Click on Tag Settings and save.

Ignored Words (Lower Case, Comma-Separated)

hi, hey, hello, all, i, i'm, i'd, am, for, in, to, a, the, on, it's, is, my, of, are, from, i'm, me, you, and, we, not, will, at, where, there

Becomes

hi, hey, hello, all, i, i\'m, i\'d, am, for, in, to, a, the, on, it\'s, is, my, of, are, from, i\'m, me, you, and, we, not, will, at, where, there

If you navigate to another page in Admin (ie Modules) then back to Advanced Settings > Tag Settings.

 

Note:

In case I didn't make it clear earlier, I'm thinking the issue might need to be fixed in administration\lang_file.php as there are nine instances of process_db_input in that file.

The code at around line 200 looks particularly interesting.

$sFilter = process_db_input($_GET[$sFilterName], BX_TAGS_STRIP);


Or as Deano likes to replace code it:

$sFilter = process_db_input($_GET[$sFilterName], CH_TAGS_STRIP);

TravelNotes.org - The Online Guide to Travel
Quote · 22 Jul 2020

I could be looking in the wrong place for the answer and maybe need to think about

 

inc\tags.inc

or

inc\classes\BxDolTags.php

 

In the database, the issue affects tags_non_parsable in the `sys_options` table; if that helps.

TravelNotes.org - The Online Guide to Travel
Quote · 22 Jul 2020

This issue has been raised several times before. Once again, Deano came to the rescue, but I'm not sure if I have the correct code snippet here. Please try it and see how you go. If it doesn't work, I'll dig deeper.

 

You seem to have located some of Deano's snippet and it's possible you have other issues, but it won't hurt to give this a try. It certainly worked for me:

 

administration\basic_settings.php

Look for this at about line 41

setParam('splash_code',  process_db_input($_POST['code'], BX_TAGS_VALIDATE));

Change it to this

setParam('splash_code',  clear_xss($_POST['code']));

Quote · 22 Jul 2020

I believe I've said it before, why didn't Boonex make Deano an offer to work on the continued development of Dolphin Pro.

His renewed activity could have encouraged other developers to keep their hand in as well; and with a thriving community around the place once more, more Dolphin downloads.

 

This issue has been raised several times before. Once again, Deano came to the rescue, 

 

By the way. I traced down this issue, as mentioned above, then ran into another one with the Tags; on Advanced Settings.

TravelNotes.org - The Online Guide to Travel
Quote · 22 Jul 2020

The issue with the tags in the advanced settings has been found as well. Actually the issue is a problem with any text field in admin settings if you use a quote anywhere in the text field.

I have a fix for it which i will post shortly.

https://www.deanbassett.com
Quote · 23 Jul 2020

 


Or as Deano likes to replace code it:

$sFilter = process_db_input($_GET[$sFilterName], CH_TAGS_STRIP);


That was accidental of course. I was in the wrong code base when i was pasting code.

https://www.deanbassett.com
Quote · 23 Jul 2020

Ok. To fix the tags problem in Admins advanced settings, make the following changes.

Edit inc\classes\BxDolAdminSettings.php

Look for this at about line 79

        $aCategories = explode(',', process_db_input($aData['cat'], BX_TAGS_STRIP));

Replace with this.

        $aCategories = explode(',', strip_tags($aData['cat']));

Look for this at about line 92

                            $aItemsData[$aItem['name']][$sKey] = process_db_input($sValue, BX_TAGS_STRIP);

Replace with this.

                            $aItemsData[$aItem['name']][$sKey] = strip_tags($sValue);

Just under that look for this at about line 94

                        $aItemsData[$aItem['name']] = process_db_input($aData[$aItem['name']], BX_TAGS_STRIP);

And replace with this.

                        $aItemsData[$aItem['name']] = strip_tags($aData[$aItem['name']]);


Thats it. Save it.

Then edit your tags in admin and remove the unwanted slashes.

https://www.deanbassett.com
Quote · 23 Jul 2020

Thanks Deano, you're a star!

Cool

~~~~~~~~~~~~~~~~~~~~~~
Michel - Meta-Travel.com
~~~~~~~~~~~~~~~~~~~~~~

TravelNotes.org - The Online Guide to Travel
Quote · 23 Jul 2020
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.