09917: Error when updating a lalel set name containing a simple quote '

This bug affects 1 person(s).

ID	Project	Category	View Status	Date Submitted	Last Update

09917	Bug reports	Other	public	2015-09-24 09:25	2015-09-30 11:01

Reporter	routard	Assigned To	DenisChenu
Priority	normal	Severity	minor
Status	closed	Resolution	fixed
Product Version	2.06+
Fixed in Version	2.06+

Summary	09917: Error when updating a lalel set name containing a simple quote '
Description	When an existing labet set is edited (to change his name), if the name contains an apostrophe ' then the name is troncatad before the '. This problem doesn't exist when creating a new label set with an apostrophe inside. This problem doesn't exist too with the templates names because when a new template name contains an apostrophe, it is automatically replaced by an underscore.
Additional Information	Maybe a possible SQL injection issue ? The label set names should be treated the same as the templates names (remove all apostrophes ')?
Tags	No tags attached.
Attached Files	Clipboard01.jpg (98,756 bytes) Clipboard01.jpg (98,756 bytes)

Bug heat	6
Complete LimeSurvey version number (& build)	150911
I will donate to the project if issue is resolved	No
Browser
Database type & version	mysql 5.6.17
Server OS (if known)	Linux Fcm-froxlor03 3.2.0-4-amd64 #1 SMP Debian 3.2.57-3+deb7u1 x86_64
Webserver software & version (if known)	Apache/2.4.9 (Win64)
PHP Version	5.6.6

User List	There are no users monitoring this issue.

routard 2015-09-24 09:30 reporter ~33147 Last edited: 2015-09-24 09:30	On the screenshot above, the name of the label set was, before editing : Villes du 95 (Val-d'Oise) And when editing the name, it becomes : Villes du 95 (Val-d

DenisChenu 2015-09-28 18:42 developer ~33187	Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=15994

c_schmitz 2015-09-30 11:01 administrator ~33217	Version 2.06+ Build 150930 released

Date Modified	Username	Field	Change
2015-09-24 09:25	routard	New Issue
2015-09-24 09:25	routard	File Added: Clipboard01.jpg
2015-09-24 09:30	routard	Note Added: 33147
2015-09-24 09:30	routard	Note Edited: 33147
2015-09-28 18:36	DenisChenu	Assigned To	=> DenisChenu
2015-09-28 18:36	DenisChenu	Status	new => confirmed
2015-09-28 18:37	DenisChenu	Summary	Error when updating a lalel set name containing an apostrophe ' => Error when updating a lalel set name containing a simple quote '
2015-09-28 18:42	DenisChenu	Changeset attached	=> LimeSurvey master 83eb591e
2015-09-28 18:42	DenisChenu	Note Added: 33187
2015-09-28 18:42	DenisChenu	Resolution	open => fixed
2015-09-28 18:46	DenisChenu	Status	confirmed => resolved
2015-09-28 18:46	DenisChenu	Fixed in Version	=> 2.06+
2015-09-30 11:01	c_schmitz	Note Added: 33217
2015-09-30 11:01	c_schmitz	Status	resolved => closed

LimeSurvey: master 83eb591e 2015-09-28 16:42:19 DenisChenu Details Diff	Fixed issue 09917: Error when updating a label set name containing a simple quote Dev; Chtml fix the issue		Affected Issues 09917
	mod - application/views/admin/labels/editlabel_view.php		Diff File