[TYPO3-commerce] getSingleInputField "umlaut" bug
Jonas Dübi
admin at commandline.ch
Tue Dec 9 11:31:46 CET 2008
Hi
This is the same. The only difference is that "" allows $ for direct
variable call, '' is faster because it doesn't parse anything but '.
I verified the Bug which was found by Cedric, and it's a real problem.
XSS code should be filtered by the removeXSS function which is provided
by t3lib_div. There is a great article about it in T3N.
Best regards,
Jonas
Falk Kühnel schrieb:
> Hi
>
> Shouldnt that be "UTF-8"?
> > $value = addslashes(htmlentities($fieldValue, ENT_COMPAT,'UTF-8'));
>
> Best regards
> Falk
More information about the TYPO3-project-commerce
mailing list