Announcement

Collapse
No announcement yet.

UNFIXED BUG in file upload

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • UNFIXED BUG in file upload

    There I am again. Since we had SC6 I saw a bug in the file uploads. Namely that filenames with a + in it will not get uploaded.
    This bug still exists evn up to the last SC8 version .0023 as I am counting.!!!!!
    I have told in detail how to hack the generated code to make it work, I can provide an application that shows it and still it is NOT fixed...

    I want this bug fixed, together with other behaviour that is wrong.

    The worst case is that the *_nmutf8.php is still wrong. This goes for ALL pplications that have the ..._nmutf8.php (so almost everyone).
    I have the details to fix this once generated. Where can I send my application with the details for scriptcase to fix this bug?
    I am getting fed up fixing bugs in the deployment every time.
    Since the NM_utf8_urldecode is used a LOT I find this a pretty serious error.
    And I dont want an answer like 'reported to our development team' that basically means it never gets fixed.
    So where can I send a simple application with reports on the fixes and what I found to go wrong.

    As a general remark, if NM_utf8_urldecode decodes a + character to &#44 (instead of &#43 what it should be)

    This is the generated code:
    Code:
        function NM_utf8_urldecode($str)
        {
            if (is_array($str))
            {
                return $str;
            }
            $aRep = array(
                          '&' => '&',
                          '<' => '&lt;',
                          '>' => '&gt;',
                          '"' => '&quot;',
                          "'" => '&apos;',
                          '+' => '&#44',
                          '' => '&Aacute;',
                          '' => '&aacute;',
                          '' => '&Acirc;',
                          '' => '&acirc;',
                          '' => '&Agrave;',
                          '' => '&agrave;',
                          '' => '&Aring;',
                          '' => '&aring;',
                          '' => '&Atilde;',
                          '' => '&atilde;',
                          '' => '&Auml;',
                          '' => '&auml;',
                          '' => '&Aelig;',
                          '' => '&aelig;',
                          '' => '&Ccedil;',
                          '' => '&ccedil;',
                          '' => '&Eacute;',
                          '' => '&eacute;',
                          '' => '&Ecirc;',
                          '' => '&ecirc;',
                          '' => '&Egrave;',
                          '' => '&egrave;',
                          '' => '&Euml;',
                          '' => '&euml;',
                          '' => '&Iacute;',
                          '' => '&iacute;',
                          '' => '&Icirc;',
                          '' => '&icirc;',
                          '' => '&Igrave;',
                          '' => '&igrave;',
                          '' => '&Iuml;',
                          '' => '&iuml;',
                          '' => '&Ntilde;',
                          '' => '&ntilde;',
                          '' => '&Oacute;',
                          '' => '&oacute;',
                          '' => '&Ocirc;',
                          '' => '&ocirc;',
                          '' => '&Ograve;',
                          '' => '&ograve;',
                          '' => '&Otilde;',
                          '' => '&otilde;',
                          '' => '&Ouml;',
                          '' => '&ouml;',
                          '' => '&Uacute;',
                          '' => '&uacute;',
                          '' => '&Ucirc;',
                          '' => '&ucirc;',
                          '' => '&Ugrave;',
                          '' => '&ugrave;',
                          '' => '&Uuml;',
                          '' => '&uuml;',
                          '' => '&uml;',
                          '' => '&cedil;',
                          '' => '&acute;',
                          '' => '&iexcl;',
                          '' => '&iquest;',
                          '' => '&middot;',
                          '' => '&euro;',
                          '' => '&cent;',
                          '' => '&pound;',
                          '' => '&curren;',
                          '' => '&yen;',
                          '' => '&sect;',
                          '' => '&copy;',
                          '' => '&reg;',
                          '' => '&deg;',
                          '' => '&ordf;',
                          '' => '&ordm;',
                          '' => '&sup1;',
                          '' => '&sup2;',
                          '' => '&sup3;',
                          '' => '&frac14;',
                          '' => '&frac12;',
                          '' => '&frac34;',
                          '' => '&laquo;',
                          '' => '&raquo;',
                          '' => '&not;',
                          '' => '&plusmn;',
                          '' => '&micro;',
                          '' => '&para;',
                          ' ' => '&nbsp;',
                          '' => '%u201C',
                          '' => '%u201D',
                          '' => '%u2018',
                          '' => '%u2019',
                         );
            $str = str_replace(array_values($aRep), array_keys($aRep), $str);
            if (isset($_SESSION['scriptcase']['charset']) && 'UTF-8' == $_SESSION['scriptcase']['charset'])
            {
                $str = mb_convert_encoding($str, 'UTF-8');
            }
            $str = preg_replace("/%u([0-9a-f]{3,4})/i", "&#x\\1;", urldecode($str));
            if (isset($_SESSION['scriptcase']['charset']) && 'BIG-5' == $_SESSION['scriptcase']['charset'])
            {
                $str = @html_entity_decode($str, null, 'BIG5');
            }
            else
            {
                $str = @html_entity_decode($str, null, $_SESSION['scriptcase']['charset']);
            }
            $str = NM_charset_decode($str);
            return str_replace('__NM_PLUS__', '+', $str);   <<<<<<<<<<<< this one is a partial fix
        }
    How to show the bug?
    Make a simple grid with a file upload field in it. Then run your application and upload a file with a + sign in it...
    By the way under a windows server various other characters will also fail. Interestingly enough this IS FIXABLE.

    O yes a file name with a % in it of course also doesnt work (same bug!).

    The upload size limitation of this forum doesnt allow me to upload my application.

  • #2
    Hello,

    Issue reported to our bugs team.

    regards,
    Bernhard Bernsmann

    Comment


    • #3
      Thank you very much rr, by the partial solution, I'll be telling this idea for our testing and development sector so it can be implemented.

      Once I have a positive response from your case I update your topic.

      Again, thank you for solving this case is very important.
      Best regards,
      Thomas Soares.
      ScriptCase International.

      Email: t.soares@scriptcase.net
      Visit our Blog: http://www.scriptcase.net/blog/
      Visit out fan page: http://www.facebook.com/Scriptcase

      Comment


      • #4
        You should have been given a more complete mail from aducom with more extra info in it including the ability to force downloads whcih isnt implemented in the standard scriptcase download.
        It would be nice if that could be implemented in the future as well. Be aware it depends on the php file info (which is almost 100% except for .eml files) NOT on the apache file info (which isnt 100% for docx and xslx and various other formats).

        Comment


        • #5
          Hello,

          I understand, but already I spent this information to the responsible sector remains now wait implementation.

          Thank you!
          Best regards,
          Thomas Soares.
          ScriptCase International.

          Email: t.soares@scriptcase.net
          Visit our Blog: http://www.scriptcase.net/blog/
          Visit out fan page: http://www.facebook.com/Scriptcase

          Comment


          • #6
            Hello

            We are still completing the implementation for the grid applications, but we did implementations regarding your code to the form of applications and are available in the update 8.0.026.

            There is a small problem with files named with the plus sign (+) in multi upload fields, but we are already aware of the problem and will be fixed in next updates.
            Best Regards,
            John L. Santos

            Bug Tracker Team
            NetMake - IT Solutions

            Comment

            Working...
            X