• 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!

TOPIC: YouJoomla template removes special characters

YouJoomla template removes special characters 12 years 3 months ago #20915

  • zambala
  • zambala's Avatar
  • OFFLINE
  • Fresh Boarder
  • Posts: 1
Hello,

RS Form in Module position cleans submitted emails :(

I am playing around with 2 fields submit (name, email) - in preview it works ok, but when I try in Module - it cleans all non-alpha and returns "invalid input";

i.e. - if I write email This e-mail address is being protected from spambots. You need JavaScript enabled to view it , after submit it returns zambazambacom - "invalid input"

What is wrong there?!
Last Edit: 12 years 2 months ago by octavian. Reason: changed subject
The administrator has disabled public write access.

RSF in Module cleans e-mails 12 years 3 months ago #20923

  • octavian
  • octavian's Avatar
  • NOW ONLINE
  • RSJoomla! Official Staff
  • Posts: 783
  • Thank you received: 110
That's actually an issue with your template - YouJoomla templates do that. We've provided a fix in their code a long time ago but for some reason they didn't incorporate it in all their templates.
Please note: my help is not official customer support. To receive your support, submit a ticket by clicking here
Regards,
RSJoomla! Development Team
The administrator has disabled public write access.

RSF in Module cleans e-mails 12 years 2 months ago #21919

octavian wrote:
That's actually an issue with your template - YouJoomla templates do that. We've provided a fix in their code a long time ago but for some reason they didn't incorporate it in all their templates.

Hello Octavian, could you send me the fix please? I need to get working properly rsform module in a YouJoomla template.

Thank you & best regards.
The administrator has disabled public write access.

RSF in Module cleans e-mails 12 years 2 months ago #21924

  • octavian
  • octavian's Avatar
  • NOW ONLINE
  • RSJoomla! Official Staff
  • Posts: 783
  • Thank you received: 110
There are two ways, depending on which template you are using:
1) Please open "/templates/<YOUR_YOUJOOMLA_TEMPLATE>/yjsgcore/yjsg_core.php" and search for the following:
// XSS PROTECTION
$_GET = preg_replace("|([^\w\s\'])|i",'',$_GET);
$_POST = preg_replace("|([^\w\s\'])|i",'',$_POST);

If you can find it, just remove the lines or replace them with:
// XSS PROTECTION
//$_GET = preg_replace("|([^\w\s\'])|i",'',$_GET);
//$_POST = preg_replace("|([^\w\s\'])|i",'',$_POST);

2) If you don't find the above, open "/templates/<YOUR_YOUJOOMLA_TEMPLATE>/yjsgcore/yjsg_validate.php" and search for:
function yjsg_validate_data (&$array)
{
    if (is_array($array))
        foreach ($array as $key => $value)
            yjsg_validate_data($array[$key]);
    else
        $array = preg_replace("|([^\w\s\'])|i",'',$array);
}

Replace it with:
function yjsg_validate_data (&$array)
{
}

There's also a blog post where they announced the introduction of this "feature". Here's an excerpt from their post:
So we came up with few lines of code that would strip everything from $_POST or $_GET and just return letters, numbers , spaces and '
Basically they're stripping characters and that's a bad idea (what about passwords that might contain special characters? what about email addresses? etc).

PS: Please, please contact YouJoomla and report this bug! If enough people report it I can only hope they will drop the whole code or just fix it once and for all.
Please note: my help is not official customer support. To receive your support, submit a ticket by clicking here
Regards,
RSJoomla! Development Team
The administrator has disabled public write access.
  • 1

Read this first!

We do not monitor these forums. The forum is provided to exchange information and experience with other users ONLY. Forum responses are not guaranteed.

However, please submit a ticket if you have an active subscription and wish to receive support. Our ticketing system is the only way of getting in touch with RSJoomla! and receiving the official RSJoomla! Customer Support.

For more information, the Support Policy is located here.

Thank you!