Closed Bug 511542 Opened 15 years ago Closed 15 years ago

Post titles need to be updated for bug 505652

Categories

(support.mozilla.org :: General, defect)

Product:
support.mozilla.org
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: paulc, Assigned: paulc)

References

Details

(Whiteboard: sumo_only)

Attachments

(1 file, 2 obsolete files)

script that generates SQL dump, v2
1.26 KB, text/plain
laura
: review+
Details 
The fix in bug 505652 makes sure titles are properly escaped on display, e.g. on tiki-view_forum_thread.php
However, because previously titles were being escaped in the database instead, this leads to double escaping. For an example of this see:
https://support.mozilla.com/tiki-view_forum_thread.php?locale=en-US&comments_parentId=411589&forumId=1
versus
https://support-stage.mozilla.org/tiki-view_forum_thread.php?locale=en-US&comments_parentId=411589&forumId=1

Note that ON EDIT they have the same (wrong) title:
https://support.mozilla.com/tiki-view_forum.php?locale=en-US&comments_offset=1&comments_threshold=0&comments_threadId=411589&openpost=1&forumId=1
https://support-stage.mozilla.org/tiki-view_forum.php?locale=en-US&comments_offset=1&comments_threshold=0&comments_threadId=411589&openpost=1&forumId=1

It looks like this fix needs a SQL update.
Since these will not occur after the push of bug 505652, the quickest way would be to simply run a script on sumotools after push with that day's db copy, and re-populate the data in the tiki_comments table.
Attached file script that generates SQL dump (obsolete) — 
Here's a script that generates the SQL dump to run AFTER we push bug 505652.

This will create a dump to unescape all the comment titles, data and summary from the database. My local SUMO database dates from July 1st and has ~3000 rows. However, Cheng did the same query count on yesterday's dump and the count is now over 17K. I suspect that bug 500146 is the cause of this *huge* increase, because it escapes data before submitted to the database.

The only concern here is for comments that actually contain the characters, and which were posted before bug 500146 was pushed - this accounts for around 2000, which Cheng says is fine. We assumed the date for the 1.2 push was around June 26.
Attachment #395746 - Flags: review?(laura)
Attached file script that generates SQL dump (obsolete) — 
Forgot to remove something while I was testing.
Attachment #395746 - Attachment is obsolete: true
Attachment #395747 - Flags: review?(laura)
Attachment #395746 - Flags: review?(laura)
Attachment #395747 - Attachment mime type: application/x-httpd-php → text/plain
Comment on attachment 395747 [details]
script that generates SQL dump

Did you mean:
http://us3.php.net/microtime 
with get_as_float set, 
and:
http://us3.php.net/manual/en/function.htmlspecialchars-decode.php 

Otherwise looks ok.
Attachment #395747 - Flags: review?(laura) → review-
Cool, I really didn't know there's a function to reverse. Thanks!
Attachment #395747 - Attachment is obsolete: true
Attachment #395972 - Flags: review?(laura)
Attachment #395972 - Flags: review?(laura) → review+
Target Milestone: 1.3 → 1.4
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Target Milestone: 1.4 → 1.3
Whiteboard: sumo_only
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: