Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-15791

Regression? single quotes not escaped in "column" field of civicrm_option_value

    Details

    • Type: Bug
    • Status: Done/Fixed
    • Priority: Trivial
    • Resolution: Incomplete
    • Affects Version/s: 4.4.10
    • Fix Version/s: None
    • Component/s: Core CiviCRM
    • Labels:
    • Documentation Required?:
      None

      Description

      A customer site has some civicrm_option_value entries where the "value" column contained a single quote. The site was created with CiviCRM 4.4.5 and did not have problems while running 4.4.6.

      However after upgrading to civicrm 4.4.10, saving of forms containing custom fields referencing the affected option groups would fail with an HTML error 500, without details being logged anywhere (this is a shared hosting environment so it's not possible to dig deep into the Apache logs). On failure, the form would be re-presented for editing.

      This looks to be a regression where quotes in the value strings are no longer escaped?

      The failure occurs even if the form values do not contain any strings with quotes in them, therefore it is most likely that the single quotes are causing a problem at the time that the form is built.

      I have not yet verified the problem in 4.4.11.

      CiviCRM is running within a Drupal CMS (7.34), also upgraded from Drupal 7.32 in the past month.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              mhonman Mark Honman
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: