View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006358 | OXID eShop (all versions) | 4. ------ eShop Core ------- | public | 2016-03-28 16:51 | 2024-03-13 10:01 |
| Reporter | Mitmacher | Assigned To | |||
| Priority | low | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 4.9.7 / 5.2.7 | ||||
| Fixed in Version | 6.2.2 | ||||
| Summary | 0006358: Wrong HTML encoding when passing passwords to smtp auth (login) | ||||
| Description | You are not allowed to use smtp passwords with html special chars in it. That happens because of wrong html encoding in function setSmtp() in oxemail.php. It seems that this problem applies to all OXID versions. | ||||
| Steps To Reproduce | Create an email account (through your provider) with a password which includes an ampersand for example. Fill in these account data to your main shop settings and try to send an email (contact or order). This won't work because the "&" in your password has been encoded to "&" and therefore is invalid. | ||||
| Additional Information | Perhaps a simple solution could be to replace line 475: $this->_setSmtpAuthInfo($oShop->oxshops__oxsmtpuser->value, $oShop->oxshops__oxsmtppwd->value); with this: $this->_setSmtpAuthInfo($oShop->oxshops__oxsmtpuser->value, $oShop->oxshops__oxsmtppwd->getRawValue()); So all html special chars would be allowed to use in passwords which is the expected behaviour I guess. | ||||
| Tags | No tags attached. | ||||
| Theme | Not defined | ||||
| Browser | Not defined | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
|
|
This was fixed in oxideshop_ce v6.5.6 from a pull request by tabsl in https://github.com/OXID-eSales/oxideshop_ce/pull/806 and released with metapackage v6.2.2 |
