Reproducing steps:
1) Go to a plugin Options page.
2) Type an & sign into a text form field
3) Click update
4) On the result page, the form field will contain & instead &
It seems GT::CGI->html_escape() method is called somewhere, since all following chars are converted to its html entity:
& => &
< => <
> => >
" => "
Seems called within GT::Plugins::Manager->load_options():
This is not fine, expecially if the text field is used internally in plugin, and not displayed on a html page...
Alex, GT staff, could you analyze this problem and fix it?
Is that html_escape call really needed? What are the reasons?
Best regards,
Webmaster33
Paid Support from Webmaster33. Expert in Perl programming & Gossamer Threads applications. (click here for prices)
Webmaster33's products (upd.2004.09.26) | Private message | Contact me | Was my post helpful? Donate my help...
1) Go to a plugin Options page.
2) Type an & sign into a text form field
3) Click update
4) On the result page, the form field will contain & instead &
It seems GT::CGI->html_escape() method is called somewhere, since all following chars are converted to its html entity:
& => &
< => <
> => >
" => "
Seems called within GT::Plugins::Manager->load_options():
Code:
$val = GT::CGI->html_escape ($val);This is not fine, expecially if the text field is used internally in plugin, and not displayed on a html page...
Alex, GT staff, could you analyze this problem and fix it?
Is that html_escape call really needed? What are the reasons?
Best regards,
Webmaster33
Paid Support from Webmaster33. Expert in Perl programming & Gossamer Threads applications. (click here for prices)
Webmaster33's products (upd.2004.09.26) | Private message | Contact me | Was my post helpful? Donate my help...