PhotoPost Community - View Single Post

WB · October 6th, 2005, 02:26 PM

We just upgraded to 3.1 (using the current build as of today).

Two things that we noticed thus far:

The 'HTML' settings don't appear to be respected.

For example:

Allow HTML in Reviews?

is set to no in our admin interface but HTML still gets evaluated. It is back to how it was when I first reported the security issue with HTML. I can put in a sample JS and it gets evaluated.

I tried switching the setting to yes and then back to no to no avail. No matter what the setting, HTML gets evaluated.

Note that we are using the customer service templates so not sure if it is an error in just that template set or across the board.

Looking at Mark's prior posts though, I suspect it may be across the board, since he mentions the field being set to the opposite of what is happening.

In the build we downloaded there wasn't a commentspal.tmpl file in the templates folder. Is that file no longer needed or was it left out of the build? If left out, can you include so we can update ours (we updated all templates to make sure that we got the latest changes)?

Thanks.

October 6th, 2005, 02:26 PM	#1 (permalink)
WB Member Verified Customer Join Date: Jan 2002 Posts: 265	3.1 HTML Settings(FIXED) We just upgraded to 3.1 (using the current build as of today). Two things that we noticed thus far: The 'HTML' settings don't appear to be respected. For example: Allow HTML in Reviews? is set to no in our admin interface but HTML still gets evaluated. It is back to how it was when I first reported the security issue with HTML. I can put in a sample JS and it gets evaluated. I tried switching the setting to yes and then back to no to no avail. No matter what the setting, HTML gets evaluated. Note that we are using the customer service templates so not sure if it is an error in just that template set or across the board. Looking at Mark's prior posts though, I suspect it may be across the board, since he mentions the field being set to the opposite of what is happening. In the build we downloaded there wasn't a commentspal.tmpl file in the templates folder. Is that file no longer needed or was it left out of the build? If left out, can you include so we can update ours (we updated all templates to make sure that we got the latest changes)? Thanks.