mantisbt/core filter_api.php,1.73,1.74: msg#00030

Update of /cvsroot/mantisbt/mantisbt/core
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25271/core

Modified Files:
        filter_api.php 
Log Message:
fix for 0004544: Impossible to filter on category which name contains " ' "


Index: filter_api.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/core/filter_api.php,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -d -r1.73 -r1.74
--- filter_api.php      14 Jan 2005 00:36:57 -0000      1.73
+++ filter_api.php      15 Jan 2005 21:51:09 -0000      1.74
@@ -84,7 +84,7 @@
                } else {
                        $t_filter = $custom_filter;
                }
-
+               
                $t_filter = filter_ensure_valid_filter( $t_filter );
 
                if ( false === $t_filter ) {
@@ -216,6 +216,7 @@
                        $t_clauses = array();
 
                        foreach( $t_filter['show_category'] as $t_filter_member 
) {
+                               $t_filter_member = stripslashes( 
$t_filter_member );
                                if ( '[none]' == $t_filter_member ) {
                                        array_push( $t_clauses, 
"$t_bug_table.category=''" );
                                } else {
@@ -354,6 +355,7 @@
                        $t_clauses = array();
 
                        foreach( $t_filter['show_build'] as $t_filter_member ) {
+                               $t_filter_member = stripslashes( 
$t_filter_member );
                                if ( '[none]' == $t_filter_member ) {
                                        array_push( $t_clauses, 
"($t_bug_table.build='')" );
                                } else {
@@ -378,6 +380,7 @@
                        $t_clauses = array();
 
                        foreach( $t_filter['show_version'] as $t_filter_member 
) {
+                               $t_filter_member = stripslashes( 
$t_filter_member );
                                if ( '[none]' == $t_filter_member ) {
                                        array_push( $t_clauses, 
"($t_bug_table.version='')" );
                                } else {
@@ -418,6 +421,7 @@
                        $t_clauses = array();
 
                        foreach( $t_filter['fixed_in_version'] as 
$t_filter_member ) {
+                               $t_filter_member = stripslashes( 
$t_filter_member );
                                if ( '[none]' == $t_filter_member ) {
                                        array_push( $t_clauses, 
"($t_bug_table.fixed_in_version='')" );
                                } else {
@@ -485,6 +489,7 @@
                                                        ( '[any]' != 
strtolower( $t_filter_member ) ) &&
                                                        ( !is_blank( trim( 
$t_filter_member ) ) ) ) {   
                                                        
+                                                       $t_filter_member = 
stripslashes( $t_filter_member );
                                                        if ( '[none]' == 
$t_filter_member ) { # coerce filter value if selecting 'none'
                                                                
$t_filter_member = '';
                                                        }
@@ -986,6 +991,7 @@
                                                                } else {
                                                                        
$t_first_flag = true;
                                                                        
foreach( $t_filter['show_category'] as $t_current ) {
+                                                                               
$t_current = stripslashes( $t_current );
                                                                                
?>
                                                                                
<input type="hidden" name="show_category[]" value="<?php echo $t_current;?>" />
                                                                                
<?php
@@ -1953,6 +1959,7 @@
                                }
                                $t_checked_array = array();
                                foreach ( $p_filter_arr[$t_multi_field_name] as 
$t_filter_value ) {
+                                       $t_filter_value = stripslashes( 
$t_filter_value );
                                        if ( ( 5 == $t_cookie_vers ) && ( 
$t_filter_value == 'any' ) ) {
                                                $t_filter_value = '[any]';
                                        }
@@ -1978,6 +1985,7 @@
                                        }
                                        $t_checked_array = array();
                                        foreach ( 
$p_filter_arr['custom_fields'][$t_cfid] as $t_filter_value ) {
+                                               $t_filter_value = stripslashes( 
$t_filter_value );
                                                if ( ( 5 == $t_cookie_vers ) && 
( $t_filter_value == 'any' ) ) {
                                                        $t_filter_value = 
'[any]';
                                                }



-------------------------------------------------------
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt
Previous by Date:	mantisbt bug_view_advanced_page.php,1.67,1.68 bug_view_page.php,1.70,1.71, Glenn Henshaw
Next by Date:	mantisbt/core filter_api.php,1.74,1.75, Glenn Henshaw
Previous by Thread:	mantisbt bug_view_advanced_page.php,1.67,1.68 bug_view_page.php,1.70,1.71, Glenn Henshaw
Next by Thread:	mantisbt/core filter_api.php,1.74,1.75, Glenn Henshaw
Indexes:	[Date] [Thread] [Top] [All Lists]
<Prev in Thread]	Current Thread	[Next in Thread>