Hello, guest. We have noticed that you are not registered at this bug tracker. Your experience will be greatly enhanced if you log in. To do so, you first must register by clicking on the Register tab at the top. If you are already registered, you can login at the Login tab.
Syndicate Syndicate Listing Display Search Login/Register
Bug Id ?
185 / [Show Bug History]
Reporter ?
Adam DiCarlo
Product/Version ?
Bugdar / 1.2.3
Status ?
Closed
Severity ?
Critical
Duplicate Of ?
- none -
Fixed in Revision ?
1.2.x/2d7e55a
Mstone ?
1.2.4
Summary ?
Apostrophes break search queries
Report Time ?
November 26, 2009 07:18 PM
Assignment ?
Robert
Resolution ?
Fixed
Priority ?
High
Dependencies ?
- none -
Mstone (old) ?


Votes
For: 0 (0%)
Against: 0 (0%)
Total: 0

November 26, 2009 07:18 PM Adam DiCarlo
I do not know which version of Bugdar this report is for--it's whatever bluestatic.org/bugs/ is currently running.

When I tried this search "can't open files" I got an error page showing that MySQL complained of an error in the query. The error is that the ' is not being escaped. Searching for "can''t open files" was successful.

November 26, 2009 07:21 PM Robert
Hiding for now as this may be a security issue. P1.

November 27, 2009 02:50 AM Robert
Released Bugdar 1.2.4 to address this issue. Thank you for the disclosure.