Jump to content

[CODE BUG]


Pursuant
 Share

Recommended Posts

When using Configuration::updateValue('key','value'), the following happens:

   static public function updateValue($key, $values, $html = false)
   {            
       //code removed
       /* Update classic values */
       if (!is_array($values))
       {
           $values = pSQL($values, $html); //VALUE IS ESCAPED HERE        
            if (Configuration::get($key) !== false) //Configuration doesnt exist, so go to else
            {
               $result = $db->AutoExecute(
                   //code removed
           }
           else
           {
              $result = self::_addConfiguration($key, $values);[/u]//_addConfiguration is called, using the ESCAPED keys, instead of the original keys.[/b]  
               //code removed
           }
       }

       /* Update multilingual values */
       else
       {
           //code removed
       }
       return $result;
   }



When the escaped $values is passed to _addConfiguration, it gets double escaped before it is inserted.

This is a bug I have found in v1.4

Prestashop team please fix!

--Kevin Klika

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More