Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
3.1.1
-
None
Description
The $user->page['page'] value is no longer valid as a result of the query string being htmlspecialcharred. This causes problems down the road when functions such as build_url() and confirm_box() make use of it. See https://tracker.phpbb.com/browse/PHPBB3-13279 and
<bonelifer> can someone try and delete a Bookmark? I can't on .com
I get a do you want to dialog, I say yes and instead of taking me back to the manage bookmarks page it kicks me back to the UCP --> Front Page
I go back to the Manage Bookmarks page, and it hasn't deleted the bookmark
In phpbb\session.extract_current_page() we call Symfony\Component\HttpFoundation\Request.getQueryString()... which calls that class's normalizeQueryString method:
$args = explode('&', $symfony_request->getQueryString());
|
normalizeQueryString expects & to be the delimiter (note our same assumption above):
foreach (explode('&', $qs) as $param) {
|
The end result looks similar to the following:
mcp.php?amp%3Bf=2&%3Bp=12166&i=queue
|
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- is related to
-
-
- Closed
-
-
-
- Closed
-