Author Topic: + sign disappears when hitting save on a product  (Read 2725 times)

Offline Mahomed Dawood

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +4/-0
    • View Profile
+ sign disappears when hitting save on a product
« on: April 21, 2022, 04:07:04 AM »
Hi Guys

When adding a + sign to my product description or name and after hitting save on the admin change , the plus sign disappears , any idea on how i could allow it to be saved with the + sign in the name and description

Where can i make that code change ?

Offline Basara

  • Administrator
  • Hero Member
  • *****
  • Posts: 5774
  • Karma: +274/-2
    • View Profile
Re: + sign disappears when hitting save on a product
« Reply #1 on: April 21, 2022, 07:27:54 AM »
Hello.

Are you working in the visual editor?

Offline Mahomed Dawood

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +4/-0
    • View Profile
Re: + sign disappears when hitting save on a product
« Reply #2 on: April 21, 2022, 08:42:51 AM »
Hi

Yes I am on the catalog page within the product

if I add a + sign to my product name , Description etc after I hit save it goes back to the name without the "+" sign in the name

eg Test Product 1B +

Hit save

Result

Test Product 1B

Offline Basara

  • Administrator
  • Hero Member
  • *****
  • Posts: 5774
  • Karma: +274/-2
    • View Profile
Re: + sign disappears when hitting save on a product
« Reply #3 on: April 22, 2022, 12:46:00 AM »
Hello.
Some symbols are filtered when saved to the database to prevent insecure code to execute.

Offline Mahomed Dawood

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +4/-0
    • View Profile
Re: + sign disappears when hitting save on a product
« Reply #4 on: April 22, 2022, 03:15:32 AM »
Is there a way to change this filter in the code ?

Offline abolabo

  • core-developer
  • Administrator
  • Hero Member
  • *****
  • Posts: 2046
  • Karma: +318/-13
  • web for all, all for web!
    • View Profile
    • AbanteCart
Re: + sign disappears when hitting save on a product
« Reply #5 on: April 22, 2022, 03:47:09 AM »
Switch to html-mode of editor and replace + with + html entity.
Save and check on storefront.

“No one is useless in this world who lightens the burdens of another.”
― Charles Dickens

Offline Mahomed Dawood

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +4/-0
    • View Profile
Re: + sign disappears when hitting save on a product
« Reply #6 on: April 22, 2022, 04:13:04 AM »
Hi

Please note that this affects product name also , whereby the "+" sign dissapears when hitting save

Offline Mahomed Dawood

  • Jr. Member
  • **
  • Posts: 61
  • Karma: +4/-0
    • View Profile
Re: + sign disappears when hitting save on a product
« Reply #7 on: April 25, 2022, 03:53:19 PM »
Hello.
Some symbols are filtered when saved to the database to prevent insecure code to execute.

Hi

So i figured out what was wrong

Abantecart recently fixed a xss vulnerability which I logged

Topic
https://forum.abantecart.com/index.php/topic,9394.msg37087.html#msg37087

Fix
https://github.com/abantecart/abantecart-src/issues/1513

 $data = htmlspecialchars(urldecode($data), ENT_COMPAT, 'UTF-8');

URL Decode was causing the special character "+" to turn into a whitespace

So I basically changed it to :
 $data = htmlspecialchars(rawurldecode($data), ENT_COMPAT, 'UTF-8');  and it worked again

Please advise if this was the right approach ?

 

Powered by SMFPacks Social Login Mod