View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006477 | OXID eShop (all versions) | 4.07. Source code, Test | public | 2016-08-12 15:09 | 2020-02-26 09:13 |
| Reporter | stg | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 4.10.0 / 5.3.0 | ||||
| Fixed in Version | 6.1.0 | ||||
| Summary | 0006477: oxUtilsServer::getOxCookie has side effects on $_COOKIE | ||||
| Description | getOxCookie uses the following line to clear Special Characters from Cookie Values: $sValue = oxRegistry::getConfig()->checkParamSpecialChars($_COOKIE[$sName]); checkParamSpecialChars uses call by reference and thus changes $_COOKIE. In certain cases (json_data f.e.), this happens whith every call. | ||||
| Steps To Reproduce | Insert the following code somewhere in your shop: $aTestData = array( "title" => "Jau!", "band" => "Fury in the Slaughterhouse", "year" => 1990 ); $oUtilsServer = oxRegistry::get("oxUtilsServer"); $oUtilsServer->setOxCookie('wont_forget', json_encode($aTestData), time() + 600, '/'); var_export($_COOKIE['wont_forget']); echo "\n"; var_export($oUtilsServer->getOxCookie('wont_forget')); echo "\n"; var_export($oUtilsServer->getOxCookie('wont_forget')); echo "\n"; var_export($oUtilsServer->getOxCookie('wont_forget')); echo "\n"; var_export($oUtilsServer->getOxCookie('wont_forget')); echo "\n"; var_export($oUtilsServer->getOxCookie('wont_forget')); echo "\n"; var_export($oUtilsServer->getOxCookie('wont_forget')); echo "\n"; var_export($_COOKIE['wont_forget']); echo "\n"; | ||||
| Additional Information | The code replaces HTML special characters and produces something like the following: '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' '{"title":"Jau!","band":"Fury in the Slaughterhouse","year":1990}' | ||||
| Tags | No tags attached. | ||||
| Theme | Not defined | ||||
| Browser | Not defined | ||||
| PHP Version | 5.6 | ||||
| Database Version | Not defined | ||||
| duplicate of | 0005307 | resolved | benjamin.joerger | Cookies are changed by checkParamSpecialChars's several times |
|
|
Same issue as id=5307 Sorry for duplicating. |
|
|
https://bugs.oxid-esales.com/view.php?id=5307 |
|
|
The bugfix introduced a BC break and must be reverted. This bug cannot be fixed in v5.3 The right way to fix this bug in v6.0 is to create a separate method in v5.3 and deprecate the current method checkParamSpecialChars(). In v6.0 do not change the current method, but replace it by the new one and delete the current method checkParamSpecialChars() |
