a new picture problem

desolator144
Joined: Jan 26, 2008
Total Posts: 682
7276 Points
I just found out the hard way that if anyone puts a double quote in an image caption field on any step, it screws everything up. Like for example I put a caption of: 1/8" to RCA adapter. When I published it, it just said 1/8 and that's it and cut off the " and everything after it. Also when I clicked on that particular image, it wouldn't load. The gray spinny thingy just spun around over and over and over. Must be some weird glitch, probably related to serializing objects between pages like with the vertical bar character.
Altari
Joined: Oct 30, 2007
Total Posts: 13
3545 Points
Sounds more like someone forgot to escape their query and now the whole database field is broken. Just a thought.
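The caption from the first post, handled at the two places where a stray double quote usually breaks things: the database write and the HTML output. This is an added example, not part of the thread and not the site's code. The SQLite table, the `alt` attribute and all function names are assumptions, since the thread does not say how the site stores or renders captions.

```python
import html
import sqlite3
from html.parser import HTMLParser

CAPTION = '1/8" to RCA adapter'  # the caption quoted in the first post

def store_and_load(caption):
    """Round-trip the caption through a bound parameter (hypothetical table)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE step_image (id INTEGER PRIMARY KEY, caption TEXT)")
    # The driver passes the value separately from the SQL text, so the
    # quote is never parsed as part of the statement.
    db.execute("INSERT INTO step_image (caption) VALUES (?)", (caption,))
    return db.execute("SELECT caption FROM step_image").fetchone()[0]

def render_unescaped(caption):
    """Caption pasted straight into a double-quoted attribute (the bug)."""
    return '<img src="step1.jpg" alt="' + caption + '">'

def render_escaped(caption):
    """Same markup, with the quote encoded as &quot; before output."""
    return '<img src="step1.jpg" alt="' + html.escape(caption, quote=True) + '">'

class _AltReader(HTMLParser):
    alt = None
    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.alt = dict(attrs).get("alt")

def alt_seen_by_parser(markup):
    """Return the alt text an HTML parser recovers from the markup."""
    reader = _AltReader()
    reader.feed(markup)
    reader.close()
    return reader.alt

if __name__ == "__main__":
    stored = store_and_load(CAPTION)
    print(repr(alt_seen_by_parser(render_unescaped(stored))))
    print(repr(alt_seen_by_parser(render_escaped(stored))))
```

The unescaped markup reproduces the reported symptom: the parser ends the attribute at the caption's own quote and keeps only `1/8`.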
Rich, eHow Community Mgr
Joined: Mar 16, 2007
Total Posts: 1225
2370 Points

Moderator
Quote:

Originally by Altari

Sounds more like someone forgot to escape their query and now the whole database field is broken. Just a thought.



Thanks for picking up on this guys. We'll look into it. Thanks.

-Rich
desolator144
Joined: Jan 26, 2008
Total Posts: 682
7276 Points
ooh that means parts of this site were probably designed poorly enough to be vulnerable to SQL injections too! that's no fun! By the way, if you put a vertical bar character in the right place and the right data between it, you can hack your articles to say just about anything and probably avoid the filters and tons of other bad stuff. They should fix all that.
Altari
Joined: Oct 30, 2007
Total Posts: 13
3545 Points
Quote:

Originally by desolator144

ooh that means parts of this site were probably designed poorly enough to be vulnerable to SQL injections too! that's no fun! By the way, if you put a vertical bar character in the right place and the right data between it, you can hack your articles to say just about anything and probably avoid the filters and tons of other bad stuff. They should fix all that.


FYI this is NOT something you should post on a public forum! This would be better expressed in a private message to Rich to be forwarded to the development team.
desolator144
Joined: Jan 26, 2008
Total Posts: 682
7276 Points
if someone wanted to attack the site, they'd already know about all these problems just by being here
Rich, eHow Community Mgr
Joined: Mar 16, 2007
Total Posts: 1225
2370 Points

Moderator
Quote:

Originally by desolator144

if someone wanted to attack the site, they'd already know about all these problems just by being here



Thanks for looking out, but feel free to make comments on here about any problems you see. That's why we have this forum. Thanks

-Rich