0034442: Wrong display of some column titles on "View Issues" page

ID	Project	Category	View Status	Date Submitted	Last Update
0034442	mantisbt	html	public	2024-05-12 15:37	2024-08-25 04:31

Reporter	atrol	Assigned To	dregad
Priority	normal	Severity	minor	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	2.26.2
Target Version	2.26.3	Fixed in Version	2.26.3

Summary	0034442: Wrong display of some column titles on "View Issues" page
Description	Icons for colum titles "View Status" and "Overdue" are not displayed on "View Status" page.
Tags	No tags attached.
Attached Files	ColumnTitles.png (10,427 bytes) ColumnTitles.png (10,427 bytes)

atrol 2024-05-12 15:39 developer ~0068931	Side effect introduced by 0034432:0068907

atrol 2024-05-12 16:02 developer ~0068932	@dregad not sure what's a good solution for that. Maybe add an icon parameter to `print_view_bug_sort_link`?

dregad 2024-05-13 02:31 developer ~0068933	Deep inside of me I knew that changing print_link() would come back and bite us. Maybe add an icon parameter to print_view_bug_sort_link? Seems like the most obvious option, but it is not sufficient, as this calls print_link() so the icon param would have to be added there as well. Need to think about it.

atrol 2024-05-19 14:17 developer ~0068937	As a temporary workaround in case someone needs a short term change, replaced the icon by text https://github.com/mantisbt/mantisbt/pull/2005

dregad 2024-05-20 06:05 developer ~0068938	PR https://github.com/mantisbt/mantisbt/pull/2006

MantisBT: master-2.26 447a521a 2024-05-06 13:04 dregad Details Diff	Proper escaping of Custom Field name for display Fixes XSS vulnerability on - bug_change_status_page.php (resolving and closing issues) - view_all_bug_page.php & print_all_bug_page.php (when the custom field is selected as a column for display/print) Fixes 0034432, CVE-2024-34081	Affected Issues 0034432, 0034442
	mod - bug_change_status_page.php	Diff File
	mod - core/print_api.php	Diff File
MantisBT: master-2.26 466e63c9 2024-05-20 04:44 dregad Details Diff	Add optional $p_icon param to print_link() Issue 0034442	Affected Issues 0034442
	mod - core/print_api.php	Diff File
MantisBT: master-2.26 ee131619 2024-05-20 04:48 dregad Details Diff	Add optional $p_icon param to print_view_bug_sort_link() Changed $p_string parameter name to $p_label, to better reflect its purpose. Issue 0034442	Affected Issues 0034442
	mod - core/print_api.php	Diff File
MantisBT: master-2.26 6fe9b06f 2024-05-20 04:54 dregad Details Diff	Fix display of icon for view_state and overdue columns Fixes 0034442	Affected Issues 0034442
	mod - core/columns_api.php	Diff File

related to	0034432	closed	dregad	CVE-2024-34081: Unsanitised custom field names printed
has duplicate	0034457	closed	atrol	Column titles in HTML get improperly sanitized
related to	0034458	closed	dregad	Better icon for "overdue" column
related to	0034460	closed	dregad	Sorting by "overdue" column does not work if "due_date" is not visible