PHPfox-Official / phpfox-v4-issues

phpFox Public Bug Tracker
https://phpfox.com

Localized text phrase "align_left" breaks javascript code if contains quote #3027

Open daniol opened 2 years ago

daniol commented 2 years ago

What's happened?

If the text phrase with var_name="align_left" contains a quote ', the complete site becomes unusable because the generated JavaScript code is broken, as the quote is not escaped with a backslash \'. It produces a hundred errors that can be seen on the JavaScript console.

Steps to reproduce:

  1. Add a quote in the phrase var_name="align_left" (see screenshot below)

What's expected?

All localized strings should be properly escaped. Quotes should be escaped with a backslash.

Server information

PHP Version 7.3.28

phpFox version

phpfox 4.8.8 (problem did not exist on previous versions)

Screenshots

Database entry: [screenshot: alinea]

Broken JS code: [screenshot: htmljscode] Text correctly escaped with backslash marked in blue. Affected text not escaped marked in red (backslash is missing).

Notices

harrison05 commented 2 years ago

Hi @daniol

We will check this issue. Thanks for your report.
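
The failure reported in this issue, reproduced as an added example (not phpFox code and not part of the original thread): a phrase table rendered into JavaScript source with and without string-literal escaping, then parsed the way a browser would. The names `renderNaive`, `renderEscaped`, `evaluate` and `oTranslations` and the sample phrases are assumptions made for illustration.

```javascript
// Hypothetical names throughout; this is not phpFox's template code.

// Naive template: places the phrase text between single quotes unchanged.
function renderNaive(phrases) {
  const body = Object.entries(phrases)
    .map(([name, text]) => `'${name}':'${text}'`)
    .join(',');
  return `var oTranslations = {${body}};`;
}

// Hardened template: serialise every key and value as a JS string literal.
function renderEscaped(phrases) {
  const lit = (s) => JSON.stringify(String(s))
    .replace(/</g, '\\u003c'); // keep the literal safe inside an inline <script>
  const body = Object.entries(phrases)
    .map(([name, text]) => `${lit(name)}:${lit(text)}`)
    .join(',');
  return `var oTranslations = {${body}};`;
}

// Parse and run the generated source, reporting a syntax error instead of throwing.
function evaluate(source) {
  try {
    const table = new Function(`${source}\nreturn oTranslations;`)();
    return { ok: true, table };
  } catch (err) {
    return { ok: false, error: err.name };
  }
}

// Constructed sample phrases; the second value contains an apostrophe.
const samplePhrases = {
  align_center: 'Centrat',
  align_left: "Alinea a l'esquerra",
};

function demo() {
  return {
    naive: evaluate(renderNaive(samplePhrases)),     // fails to parse
    escaped: evaluate(renderEscaped(samplePhrases)), // round-trips the phrase
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

Because the whole table is emitted as one script, a single unescaped phrase makes every phrase unavailable, which matches the site-wide breakage described in the report.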