0035424: Use new string_build_query() API function

ID	Project	Category	View Status	Date Submitted	Last Update
0035424	mantisbt	code cleanup	public	2025-02-21 18:03	2025-03-15 15:54

Reporter	dregad	Assigned To	community
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	resolved	Resolution	fixed
Target Version	2.28.0	Fixed in Version	2.28.0

Summary	0035424: Use new string_build_query() API function
Description	This new function was introduced by @raspopov as part of PR https://github.com/mantisbt/mantisbt/pull/2096 to fix HTML errors and warnings (see 0035180). As discussed during PR review, for consistency this new API function should replace existing usages of http_build_query(), otherwise we'll end up with some URLs RFC1738-encoded (default for $encoding_type parameter), which may or may not be an actual issue (I did not check). Usage of but urlencode() and rawurlencode() should also be checked, e.g. in print_all_bug_page.php: `147: $t_search = urlencode( $f_search ); ... 166: echo '<a href="' . $t_icon[0] . '.php?' . http_build_query( $t_params ) . '" ' . $t_icon[2] . '>';` The $t_search is included in $t_params.
Tags	No tags attached.

MantisBT: master fa1df957 2025-03-03 22:50 raspopov Committer: dregad Details Diff	Extend the use of the query parameter Extended the allowed parameter types of helper_url_combine(), auth_login_page(), auth_credential_page(), AuthFlags::getCredentialsPage() functions that accepted a query string to also accept an array of query parameters. Fixes 0035424	Affected Issues 0035424
	mod - core/authentication_api.php	Diff File
	mod - core/classes/AuthFlags.class.php	Diff File
	mod - core/helper_api.php	Diff File
MantisBT: master 1c2f8343 2025-03-15 14:09 dregad Details Diff	Extend the use of the query parameter Added a new test UrlCombineTest for helper_url_combine(). Fixes 0035424, PR https://github.com/mantisbt/mantisbt/pull/2114	Affected Issues 0035424
	mod - adm_config_report.php	Diff File
	mod - admin/check/check_database_inc.php	Diff File
	mod - admin/check/index.php	Diff File
	mod - billing_export_to_excel.php	Diff File
	mod - bug_report.php	Diff File
	mod - core/access_api.php	Diff File
	mod - core/authentication_api.php	Diff File
	mod - core/classes/AuthFlags.class.php	Diff File
	mod - core/csv_api.php	Diff File
	mod - core/excel_api.php	Diff File
	mod - core/filter_api.php	Diff File
	mod - core/filter_form_api.php	Diff File
	mod - core/helper_api.php	Diff File
	mod - core/html_api.php	Diff File
	mod - core/http_api.php	Diff File
	mod - core/install_helper_functions_api.php	Diff File
	mod - core/layout_api.php	Diff File
	mod - core/print_api.php	Diff File
	mod - core/string_api.php	Diff File
	mod - core/summary_api.php	Diff File
	mod - excel_xml_export.php	Diff File
	mod - login.php	Diff File
	mod - login_anon.php	Diff File
	mod - login_page.php	Diff File
	mod - login_password_page.php	Diff File
	mod - login_select_proj_page.php	Diff File
	mod - manage_proj_page.php	Diff File
	mod - my_view_inc.php	Diff File
	mod - print_all_bug_page.php	Diff File
	mod - query_store.php	Diff File
	mod - set_project.php	Diff File
	mod - tag_view_page.php	Diff File
	add - tests/Mantis/Helper/UrlCombineTest.php	Diff File
	mod - timeline_inc.php	Diff File

View Issue Details

Relationships

Activities

Related Changesets

raspopov 2025-03-03 22:57 reporter ~0069937	The first step is to slightly extend the API of functions that work with query strings so that they also understand the array of 'query parameter name'='value' pairs. https://github.com/mantisbt/mantisbt/pull/2114