(This post was last modified: 09.08.2010, 19:18 by Lekensteyn.)
09.08.2010, 18:45
Memo (Notitzen):
The input got escaped before entering the database.
This shouldn't be done; the database should contain the relevant text only, escaping HTML should be done when outputting data.
Reports (Berichte):
My village is named "<I>WUT</I>".
"<I>WUT</I> beliefert woot"
In the database (urlencoded): "%26lt%3BI%26gt%3BWUT%26lt%3B%2FI%26gt%3B beliefert woot".
That shouldn't be HTML escaped there...
Mail (Nachtrichten):
Enter something in "Betreff" (e.g. "xx") and in the message (e.g. "xxx"), leaving "An:" empty.
A blank page will show up, with the message "aLang Error: e not found!".
The "vorschau" button isn't working correctly.
It should display a preview of the message, even if there is no subject and receiver entered.
BB-codes does not function.
Messages can't be forwarded.
The error message doesn't say anything...
"Darfst das nicht..."
The input got escaped before entering the database.
This shouldn't be done; the database should contain the relevant text only, escaping HTML should be done when outputting data.
Reports (Berichte):
My village is named "<I>WUT</I>".
"<I>WUT</I> beliefert woot"
In the database (urlencoded): "%26lt%3BI%26gt%3BWUT%26lt%3B%2FI%26gt%3B beliefert woot".
That shouldn't be HTML escaped there...
Mail (Nachtrichten):
Enter something in "Betreff" (e.g. "xx") and in the message (e.g. "xxx"), leaving "An:" empty.
A blank page will show up, with the message "aLang Error: e not found!".
The "vorschau" button isn't working correctly.
It should display a preview of the message, even if there is no subject and receiver entered.
BB-codes does not function.
Messages can't be forwarded.
The error message doesn't say anything...
"Darfst das nicht..."
![[Image: dsconnect.jpg]](http://dstools.agrafix.net/dsconnect.jpg)