[geeklog-devel] geeklog-devel Digest, Vol 27, Issue 8

Joe Mucchiello joe at ThrowingDice.com
Mon Apr 13 19:31:08 EDT 2009

At 11:02 AM 4/13/2009, Tim Patrick wrote:

>Hey Guys,
>I think you were already aware of the bug fix I made.. But here it 
>is just in case.
>Made some changes to the fix - before it only fixed one aspect - now 
>by calling the rawurlencode function at account creation, there is 
>no more need of it.

But doesn't that break everywhere the username is displayed to the 
browser? If you log in as Night & Day. The rawurlencode becomes 
Night%20%26%20Day. Don't you have to call urldecode and 
htmlspecialchars to get it to Night & Day in order to display it 
in the browser? This fix sounds like it opens a big can of worms. 
While most output can be caught in COM_getDisplayName, I'm sure there 
are places where that is not used to display the user's name.

Joe Mucchiello
Throwing Dice Games

More information about the geeklog-devel mailing list