centreon / centreon-archived

Centreon is a network, system and application monitoring tool. Centreon is the only AIOps Platform Providing Holistic Visibility to Complex IT Workflows from Cloud to Edge.
https://www.centreon.com
GNU General Public License v2.0

[CLAPI] Delimiter char (semicolon) is not escaped (and cannot be escaped) #11451

Open proxyconcept opened 2 years ago

proxyconcept commented 2 years ago

BUG REPORT INFORMATION

Prerequisites

Versions

centreon-web-22.04.0-2.el8.noarch

Operating System

Red Hat Enterprise Linux 8.6 (Ootpa)

Description

CLAPI (and API Rest v1) use a list of concatenated values with a semicolon delimiter:

But the code only uses the PHP implode/explode functions to deal with it, without any possibility to escape the delimiter in the value.

Therefore we can't use a value that may contain a semicolon. And if such a value already exists, the export format is broken (you can't reimport the exported values without compromised data).

Another issue already exists (#6718), but I chose to create a new one because the problem is much more general.

Steps to Reproduce

Create a test host (just for the example, we can also test directly with a CMD object):

centreon -u admin -p '******' -o HOST -a ADD -v "test_semicolon;Test host;127.0.0.1;;central;"

Add/set a value that contains a semicolon, for example in the host description:

centreon -u admin -p '******' -o HOST -a setparam -v "test_semicolon;comment;Some text with semicolon ; should be possible"
centreon -u admin -p '******' -o HOST -a getparam -v "test_semicolon;comment"

Or trying to escape the semicolon inside the value:

centreon -u admin -p '******' -o HOST -a setparam -v "test_semicolon;comment;Some text with semicolon \; should be possible"
centreon -u admin -p '******' -o HOST -a getparam -v "test_semicolon;comment"

Describe the received result

The getparam returns the value truncated after the semicolon:

Some text with semicolon 

Or with the escaped test:

Some text with semicolon \

Describe the expected result

The complete original value:

Some text with semicolon ; should be possible

Additional relevant information

It's rare to have a value containing a semicolon, and often we can avoid using it... But it's possible and sometimes it's necessary!

So this problem seems really important, because it concerns any value, for any action and any object. Either it's impossible to use some values, or maybe even worse it can be responsible for erroneous data:

proxyconcept commented 2 years ago

I'm working on it, in order to have the possibility of escaping a semicolon in a value.

I chose the backslash solution \; because it's very common to escape special characters with it.

I see in #6718 the suggestion to use str_getcsv. It's not a bad idea to reuse the CSV syntax... but I think it's not really applicable because this shifts the problem to the enclosure char. So finally this solution is more complex and can cause a BC break (because the enclosure char " should be escaped after this change).
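
The round-trip failure from the report and the backslash escaping proposed in the comment above, as an added example that is not code from the issue author or from Centreon. The function names `clapi_join` and `clapi_split` are hypothetical, and the sample fields are constructed from the `setparam` call in the report.

```php
<?php
// Added illustration; clapi_join/clapi_split are hypothetical names, not Centreon functions.

const DELIM = ';';

// Encode: escape the backslash first, then the delimiter, so decoding is unambiguous.
function clapi_join(array $fields): string
{
    $escaped = array_map(
        fn(string $f): string => str_replace(['\\', DELIM], ['\\\\', '\\' . DELIM], $f),
        $fields
    );
    return implode(DELIM, $escaped);
}

// Decode: scan once; a backslash makes the next character literal.
// Byte-wise scanning is safe for UTF-8 because ';' and '\' are ASCII.
function clapi_split(string $line): array
{
    $fields = [''];
    $n = strlen($line);
    for ($i = 0; $i < $n; $i++) {
        $c = $line[$i];
        if ($c === '\\' && $i + 1 < $n) {
            $fields[count($fields) - 1] .= $line[++$i];   // escaped char, taken literally
        } elseif ($c === DELIM) {
            $fields[] = '';                                // unescaped delimiter: next field
        } else {
            $fields[count($fields) - 1] .= $c;
        }
    }
    return $fields;
}

// Constructed sample, same shape as the setparam call in the report.
$fields = ['test_semicolon', 'comment', 'Some text with semicolon ; should be possible'];

// Plain implode/explode: three fields go out, four come back, and the value is cut.
$naive = explode(DELIM, implode(DELIM, $fields));
printf("naive:   %d fields, value = %s\n", count($naive), var_export($naive[2], true));

// Escape-aware pair: the value survives the round trip.
$wire = clapi_join($fields);
$back = clapi_split($wire);
printf("wire:    %s\n", $wire);
printf("escaped: %d fields, intact = %s\n", count($back), var_export($back === $fields, true));
```

This variant treats every backslash as an escape character, so input that already contains literal backslashes (Windows paths, regular expressions) would have to be re-encoded before import; that is a design choice of this example.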