WordPress.org

Support

Support » Plugins and Hacks » Events Manager » [Plugin: Events Manager] possible bug: wrong quote escaping when editing ticket description

[Plugin: Events Manager] possible bug: wrong quote escaping when editing ticket description

  • Hi, and thx to all developers for this great plugin.
    I think there is a bug in quote escaping, here’s how to reproduce it:
    When editing an event, make it open for booking, create a ticket, enter a description for the ticket that includes single quotes (‘), you will see that the description is displayed fine. BUT when you then save the post/event then something goes wrong and (both in back office and front end) the quotes are displayed with a slash in front.

    Anyone know how I can fix this? Or can anyone point me to where in the code that posted data is processed so I can fix it?

    http://wordpress.org/extend/plugins/events-manager/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Marcus

    @netweblogic

    hi, thanks for reporting this, will check this out and fix asap

    Thank you for your attention…

    in classes/em_ticket.php
    around line 77, function save()
    It seems the data set inside the object is already escaped and the call to wpdb::escape adds another level of escaping.
    A quick fix would be:
    $this->description = stripslashes($this->description);
    $this->name = stripslashes($this->name);

    but I think the right way to fix it is that data should be unescaped before setting it in the object… just couldn’t find where that takes place 🙂

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Plugin: Events Manager] possible bug: wrong quote escaping when editing ticket description’ is closed to new replies.
Skip to toolbar