Open-AudIT

What's on your network?
It is currently Wed Jan 17, 2018 3:24 pm

All times are UTC + 10 hours




Post new topic Reply to topic  [ 10 posts ] 
Author Message
PostPosted: Tue Oct 08, 2013 11:31 pm 
Offline
Newbie

Joined: Wed Sep 25, 2013 2:14 am
Posts: 8
I've created a custom field and I would like to put things like "http://hostname/application" on this field however the char "/" is replaced by "^^^". Is there a way to prevent the char replacement ?


Top
 Profile  
Reply with quote  
PostPosted: Wed Oct 09, 2013 10:22 pm 
Offline
Newbie

Joined: Wed Sep 25, 2013 2:14 am
Posts: 8
I've did some research and found out these lines:

open-audit/code_igniter/application/controllers/ajax.php: $config_name = str_replace("%5E%5E%5E", "/", $config_name);
open-audit/code_igniter/application/controllers/ajax.php: $config_value = str_replace("%5E%5E%5E", "/", $config_value);

I've commented (using // and #) and even removed the line altogether (and after that I restarted the apache) but I'm still unable to input a string like "http://somewebsite/" on a custom field of my device.


Top
 Profile  
Reply with quote  
PostPosted: Thu Oct 10, 2013 3:17 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1223
Right file but wrong fix. I've attached a working (hopefully) ajax.php.

The problem is in any submit field which uses the instantedit.js script which is where the "/" -> "^^^" replacement takes place. The existing code already used urldecode but that wasn't fixing the instantedit slash substitution so I just changed the urldecode to a custom version that reverses the slash substitution. Although in my testing the urldecode function was already operating on urldecoded data.

I only changed the update_system_man function and didn't touch update_config which was already handling this very problem. Mark can fix this how he'd like but the attached ajax.php should get it working in the short term.


Attachments:
ajax.txt [16.78 KiB]
Downloaded 171 times
Top
 Profile  
Reply with quote  
PostPosted: Thu Oct 10, 2013 7:12 am 
Offline
Newbie

Joined: Wed Sep 25, 2013 2:14 am
Posts: 8
Great, worked like a charm!


Top
 Profile  
Reply with quote  
PostPosted: Fri Oct 11, 2013 9:25 am 
Offline
Site Admin
User avatar

Joined: Mon Jun 07, 2004 11:48 am
Posts: 1933
Location: Brisbane, Australia
Thanks JPA. I've merged the changes to ajax.php and it will be in the next release.

_________________
Support and Development hours available from Opmantek.
Please consider a purchase to help make Open-AudIT better for everyone.


Top
 Profile  
Reply with quote  
PostPosted: Sat Nov 07, 2015 3:47 am 
Offline
Newbie

Joined: Thu Oct 15, 2015 9:15 pm
Posts: 19
I'm using the 1.8.2 version and I have similar problem but the "/" character is replaced with "%2F".
I read the file uploaded by jpa but I didn't find the changes he did.
I also tried to substitute the original file with the jpa's with no luky.
Is there a way to solve the problem?

Thanks


Top
 Profile  
Reply with quote  
PostPosted: Sat Nov 07, 2015 8:59 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1223
The instantedit.js has changed since this was originally fixed. It looks like instantedit used to replace "/" with "^^^" to fix this very problem. This is now gone so the problem has returned.

So when you edit manual value that has a slash in the data the URL is not found and the update fails. Something like this test of setting a value to "Test1/Test2" gives a 404 on the server which the ajax update silently clobbers.
Code:
http://localhost/open-audit/index.php/ajax/update_system_man/112/man_description/Test1%2FTest22


Others have seen this problem in CodeIgniter/Apache and have various suggested fixes. Maybe Mark could replace the /->^^^ substitution for a quick fix?


Top
 Profile  
Reply with quote  
PostPosted: Sat Nov 07, 2015 9:40 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1223
I had to dig a ways back for a version of instantedit.js that handles this.

So here's my unbroken (again) version. I just put back in the old behavior of replacing the "/" with "^^^" on posting the data. The back end already handles this. Replace "www\open-audit\theme-tango\tango-files\jquery\js\instantedit.js" with the attached.

I tested it with field data containing "/" and it worked. The updated instantedit.js also handles custom field names that contain a "/" but I did not test to see if that works.

Attachment:
instantedit.js [6.06 KiB]
Downloaded 97 times


Top
 Profile  
Reply with quote  
PostPosted: Tue Nov 10, 2015 12:03 am 
Offline
Newbie

Joined: Thu Oct 15, 2015 9:15 pm
Posts: 19
Thank you so much for your help jpa.
Your solution solved my problem!
I also tested custom fields and worked prefectly.


Top
 Profile  
Reply with quote  
PostPosted: Sat Nov 21, 2015 5:54 am 
Offline
Moderator

Joined: Fri Jul 20, 2007 8:27 am
Posts: 1223
I'm bumping this because it didn't make it into 1.8.4


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 10 posts ] 

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group