Open psaavedra opened 4 years ago
I cannot reproduce this issue. I managed to save tasks containing many different symbols. I tried with all the keys in the keyboard:
id | _date | init | _end | story | telework | text | ttype | phase | usrid | projectid | customerid | task_storyid | onsite
-----+------------+------+------+-------+----------+------------------------------------------------------------------------------------------------------------+-------+-------+-------+-----------+------------+--------------+--------
161 | 2020-04-04 | 540 | 600 | | f | ~!@#$%^&*()_+`1234567890-=qwertyuiop[]QWERTYUIOP{}asdfghjkl;'\asdfghjkl;'\ASDFGHJKL:"|zxcvbnm,./ZXCVBNM<>? | | | 2 | 1 | | | f
160 | 2020-04-04 | 480 | 540 | | f | !@#$%^&*()_+-=`~[]\';/.,{}|"?>< | | | 2 | 1 | | | f
(2 rows)
Yeah, it seems no so easy to reproduce it. My first suspicion was against the ?
but defenitively is not (I will change the title of the issue later)
If can help. I'm going to put the real error (modifying some private texts) here:
==> /var/log/apache2/phpreport-error.log <==
[Fri Apr 03 14:33:12.848244 2020] [:error] [pid 11124] [client 192.168.10.13:58841] PHP Warning: XMLReader::read(): text && !another text && !and text again => text in /var/www/phpreport/phpreport/web/services/updateTasksService.php on line 206, referer: https://phpreport.domain.com/web/tasks.php
phpreport=# select id,usrid,projectid,text from task where id == 999;
id | usrid | projectid | text
--------+-------+-----------+------------------------------------------------------------------------------------------------------------------------------------------------
999 | 999 | 999 | text +
| | | text +
| | | text? +
| | | text => text +
| | | ^Test expects that, we are in fact
(1 row)
Related PR: https://github.com/Igalia/phpreport/pull/413
The Ext Js framework is probably using custom code for all the XML generation and parsing. I think it would be safer to use the facilities provided by the browser, namely DOMParser and XMLSerializer.
Some tips on how to use them: https://stackoverflow.com/a/34047092
A deny service can be actionated very easily just adding a
?
in the description field of the task.Apache shows the next error:
Apparently there is a XML parsing error due to a unescaped
?
char in the text file.Environment: