View Issue Details

Related ChangesetsJump to NotesJump to History
This bug affects 1 person(s).
 4
IDProjectCategoryView StatusDate SubmittedLast Update
08887Bug reportsSurvey editingpublic2014-03-21 09:452014-04-04 10:26
ReporterDenisChenu Assigned ToDenisChenu  
PrioritynormalSeverityminor 
Status closedResolutionfixed 
Product Version2.05+ 
Fixed in Version2.05+ 
Summary08887: Question text / admin : unable to use & gt ; (and a a lt ;)
Description

When try to use " 1 & lt ; 2 " this was updated to 1 < 2, this broke HTML validation.
And more this disallow to put some "script for doc" in question text:

Steps To Reproduce

Deactivate XSS or log in admin and try to put
some math

example of question : Yes/No:
1 + 3 < 5

Or some script example (see the included text file)

Additional Information

unable to use :& #123 ; or & #125 ; for { } and deactivate EM too.

Answers part aren't recoded

The bug is here :
https://github.com/LimeSurvey/LimeSurvey/blob/master/application/controllers/admin/database.php#L361

And more, this line :
https://github.com/LimeSurvey/LimeSurvey/blob/master/application/controllers/admin/database.php#L364

Need to be moved in LSYii_Validators class and Question::model (I think)

TagsNo tags attached.
Attached Files
simplejs.txt (105 bytes)    
<pre>
&lt;script&gt;
$(function() {
    $("#question&#123;QID&#125;").hide();
});
&lt;/script&gt;
</pre>
simplejs.txt (105 bytes)   
Bug heat4
Complete LimeSurvey version number (& build)140320
I will donate to the project if issue is resolvedNo
Browsernot relevant (FF23)
Database type & versionnot relevant
Server OS (if known)debian/linux
Webserver software & version (if known)apache
PHP VersionPHP Version 5.3

Relationships

Relationship GraphDependency Graph
related to 08818 closedDenisChenu Bug reports Comparison operators (< and >) get converted to HTML-entities in expressions in questions 
Not all the children of this issue are yet resolved or closed.

Users monitoring this issue

There are no users monitoring this issue.

Activities

DenisChenu

DenisChenu

2014-03-21 09:50

developer   ~29475

No problem to take the bug and fix it before Thuersday, but someine know the reason of this line ?

With HTML editor in popup : é stay é (not & eacute ;) and < replaced by & lt ; : it's OK for me (and <strong>toto</strong> stay like that)
c_schmitz

c_schmitz

2014-03-21 09:55

administrator   ~29476

I think it is an old left-over.
DenisChenu

DenisChenu

2014-03-21 10:06

developer   ~29478

Yes so am i, and think CK editor are updated and don't need : fixCKeditorText

I have a look for this one too
DenisChenu

DenisChenu

2014-03-21 10:06

developer   ~29479

Set to feedback if someone see a reason of this.
DenisChenu

DenisChenu

2014-03-21 16:17

developer   ~29496

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&amp;id=14056
DenisChenu

DenisChenu

2014-03-21 16:20

developer   ~29498

For fckEditor:
https://github.com/LimeSurvey/LimeSurvey/commit/c4e45cc613a0b0e123afbfd8186a0cb3c07ee2f9#diff-4c8b6e0396ccd2f7fad4f57489b63b06L147
c_schmitz

c_schmitz

2014-04-04 10:26

administrator   ~29674

2.05+ Build 140404 released.

Related Changesets

LimeSurvey: master c4e45cc6

2014-03-21 15:17:13

DenisChenu

Details Diff 		Fixed issue 08887: Question text and help : unable to use html entities of < and > for admin
Dev: did we need to move fixCKeditor to model, think yes but unsure		 Affected Issues
08887
mod - application/controllers/admin/database.php Diff File
mod - application/core/LSYii_Validators.php Diff File

Issue History

Date Modified Username Field Change
2014-03-21 09:45 DenisChenu New Issue
2014-03-21 09:45 DenisChenu File Added: simplejs.txt
2014-03-21 09:46 DenisChenu Additional Information Updated
2014-03-21 09:47 DenisChenu Relationship added related to 08818
2014-03-21 09:50 DenisChenu Note Added: 29475
2014-03-21 09:55 c_schmitz Note Added: 29476
2014-03-21 10:06 DenisChenu Note Added: 29478
2014-03-21 10:06 DenisChenu Assigned To => DenisChenu
2014-03-21 10:06 DenisChenu Status new => assigned
2014-03-21 10:06 DenisChenu Note Added: 29479
2014-03-21 10:06 DenisChenu Status assigned => feedback
2014-03-21 16:17 DenisChenu Changeset attached => LimeSurvey master c4e45cc6
2014-03-21 16:17 DenisChenu Note Added: 29496
2014-03-21 16:17 DenisChenu Status feedback => assigned
2014-03-21 16:17 DenisChenu Status assigned => feedback
2014-03-21 16:17 DenisChenu Resolution open => fixed
2014-03-21 16:20 DenisChenu Note Added: 29498
2014-03-21 16:20 DenisChenu Status feedback => assigned
2014-03-22 11:25 DenisChenu Status assigned => resolved
2014-03-22 11:25 DenisChenu Fixed in Version => 2.05+
2014-04-04 10:26 c_schmitz Note Added: 29674
2014-04-04 10:26 c_schmitz Status resolved => closed
2019-11-01 17:25 c_schmitz Category Survey design => Survey editing