WordPress.org

Ready to get started?Download WordPress

Forums

WP-DBManager
Security alert! (9 posts)

  1. Joakim Jardenberg
    Member
    Posted 3 years ago #

  2. Lester Chan
    Member
    Plugin Author

    Posted 3 years ago #

  3. Joakim Jardenberg
    Member
    Posted 3 years ago #

    Excellent work! Thanks a million.

  4. Vijay Padiyar
    Member
    Posted 3 years ago #

    Hi Lester

    Could I also request you to update all calls to get_bloginfo('name') or get_option('blogname') to go through wp_specialchars_decode()? Because otherwise it creates display problems in blogs that have an apostrophe in the blog name. This character is displayed wierdly in backup emails.

    For instance, I have changed below lines in your files wp-dbmanager.php and database-manage.php as follows:

    $mail_subject = sprintf(__('%s Database Backup File For %s', 'wp-dbmanager'), wp_specialchars_decode(get_option('blogname')), $file_date);

    This fixed my problem. Can you please make this change in your codebase itself?

    Thanks

    Vijay Padiyar

  5. Lester Chan
    Member
    Plugin Author

    Posted 3 years ago #

    Vijay: Sure thing! Will add it in on 2.62

  6. graphitegolem
    Member
    Posted 3 years ago #

    Is this the reason that after I installed it, I got a message saying that my backup files MIGHT be visible to the public, and even after moving the htaccess file and refreshing my browser, I still got that message?

  7. Lester Chan
    Member
    Plugin Author

    Posted 3 years ago #

    That has nothing to do with it. Ensure that your htaccess is renamed to .htaccess

  8. Lester Chan
    Member
    Plugin Author

    Posted 3 years ago #

  9. Vijay Padiyar
    Member
    Posted 3 years ago #

    Hi Lester

    A mistake from my side. We also need to pass ENT_QUOTES to wp_specialchars_decode() to get it to work the way we want here:

    wp_specialchars_decode(get_option('blogname'),ENT_QUOTES)

    Could you please update all calls to wp_specialchars_decode() appropriately?

    Thanks

    Vijay

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic