WordPress.org

Support

Support » Plugins and Hacks » Dollar sign in event description interpreted as PHP variable

Dollar sign in event description interpreted as PHP variable

  • sunriseweb
    Member

    @sunriseweb

    If a dollar sign ($) is included in the event description then it doesn’t display properly on the event hover when the calendar is inserted via the shortcode on a page or post. The $ is interpreted as a PHP variable as per this post.

    To fix this I changed line 2325 of the plugin to replace ‘$’ with ‘/$’ after stripslashes.

    $details = '<span class="calnk"><a href="'.$linky.'" '.$style.'>' . stripslashes($event->event_title) . '<span '.$style.'>' . $header_details . '' . str_replace('$','\$',stripslashes($event->event_desc)) . '</span></a></span>';

    PS – Great plugin!

    http://wordpress.org/extend/plugins/calendar/

Viewing 4 replies - 1 through 4 (of 4 total)
  • I’ve come across the same issue. Although I’m not exactly sure what caused the bug (I updated wordpress and the calendar plugin around the same time). I noticed that the descriptions with dollar amounts in them ($10 etc.) would not display on the mouse-hover popup.

    The fix required a slightly different modification:

    $details = '<span class="calnk"><a href="'.$linky.'" '.$style.'>' . stripslashes($event->event_title) . '<span '.$style.'>' . $header_details . '' . stripslashes(str_replace('$','&#36',$event->event_desc)) . '</span></a></span>';

    Same thing other than using '&#36' rather than '\$' . Somehow the escaped dollar symbol '\$' didn’t want to take. Replacing the dollar symbol with the html entity code solves it.

    Plugin Author Kieran O'Shea
    Member

    @kieranoshea

    Thanks for letting me know about this, I’ll look to get it changed in the next released incremental version.

    sunriseweb
    Member

    @sunriseweb

    Just downloaded Calendar v1.3.3 – alas but problem still exists 🙁

    Plugin Author Kieran O'Shea
    Member

    @kieranoshea

    I’m aware of that, I had to get 1.3.3 out as a rush job due to the need to fix an XSS vulnerability. 1.3.4 will have more conventional fixes in it, the dollar sign among them 🙂

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Dollar sign in event description interpreted as PHP variable’ is closed to new replies.