[Koha-bugs] [Bug 17393] selfreg - Patron' s info are not correctly inserted if contain non-Latin characters

[bugzilla-daemon at bugs.koha-community.org]

https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17393

Katrin Fischer <katrin.fischer at bsz-bw.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
  Attachment #56007|0                           |1
        is obsolete|                            |

--- Comment #3 from Katrin Fischer <katrin.fischer at bsz-bw.de> ---
Created attachment 56149
  -->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=56149&action=edit
[PASSED QA] Bug 17393: Fix non-Latin chars handling in self reg

If you fill the patron self reg with non-latin characters, they will be
encoded with HTML entities (é)
This bug leads to generate a userid with weird behaviors:
é => eacute
ł => x

Test plan:
0/ Do not apply the patch
1/ Set up the Self reg feature
2/ fill surname, fistname with something like "Michał pouéàç"
3/ Save
4/ See the bad encoding/replacement on the screen and look at the data
The accentued chars are replaced with their html representation and the
non-Latin chars with a 'x'
in the DB
5/ Apply this patch
6/ Repeat steps 2, 3
7/ Everything should be ok
8/ Try to make sure this HTML::Entities escape was not useful:
fill surname with "surname <script>alert("xss?")</script>"
Save and look at the data

Followed test plan, works as expected.
Signed-off-by: Marc Véron <veron at veron.ch>

Signed-off-by: Katrin Fischer  <katrin.fischer at bsz-bw.de>

-- 
You are receiving this mail because:
You are watching all bug changes.