Mantis 1.3.5: Quotes and backslash escaped

Get help from other users here.

Moderators: Developer, Contributor

Post Reply
cm_bt
Posts: 4
Joined: 27 Jan 2017, 14:52

Mantis 1.3.5: Quotes and backslash escaped

Post by cm_bt »

Last week I updated Mantis from 1.2.19 to 1.3.5. Mantis is running on Debian with Apache 2 and PHP 5.3.3-7. Since this update double quotes ("), single quotes (') and backslashes (\) are escaped with a backslash for every text input field. So for example if I enter a new note for an existing ticket like this:

Code: Select all

This is a Test with "Double Quotes" and 'Single Quotes' and \Backslashes\
Mantis will display this after the note is saved:

Code: Select all

This is a Test with \"Double Quotes\" and \'Single Quotes\' and \\Backslashes\\
I tested it for all these text input field, all have the same problem: Summary, Description, Steps To Reproduce, Additional Information, Notes
It does not matter if I add something new or if I edit an existing text.

In the changelog I cannot find anything related to escaping quotes and backslashes. How can I configure the escaping in Mantis?
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

Re: Mantis 1.3.5: Quotes and backslash escaped

Post by atrol »

run admin/check/index.php

Do you get any warnings for magic quotes feature?
Please use Search before posting and read the Manual
cm_bt
Posts: 4
Joined: 27 Jan 2017, 14:52

Re: Mantis 1.3.5: Quotes and backslash escaped

Post by cm_bt »

Thanks a lot for the fast reply! You were right, the check failed for magic_quotes_gpc, because it is set in php.ini. Now I disabled it for the Mantis virtual host by adding this to the virtual host's apache configuration:

Code: Select all

php_flag magic_quotes_gpc Off
I could also change it in php.ini, but at the moment I am not sure if any other software running on this server needs it (I know it will be removed in PHP 5.4).

Thanks again for your great support!
Post Reply