user2 Posted August 26, 2014 Share Posted August 26, 2014 Hi, I've been customizing the default theme and noticed an issue whereby the get variable 'back' is not encoded correctly. For example in authentication.tpl the following line is used: <form action="{$link->getPageLink('authentication', true, NULL, "back=$back")|escape:'html':'UTF-8'}" method="post" id="new_account_form" class="std clearfix"> This results in ampersands in the $back variable being escaped to & whereas they should be escaped to %26. I have fixed this by added the following line prior to the <form action.... line: {assign var='back' value={$back|escape:'url':'UTF-8'[spam-filter] This encodes the $back variable correctly. In reality the get variables should probably be encoded independently of the URL in all instances across prestashop. I've never used Smarty so I'm not sure how to do it inline. Hope this helps someone. Please consider fixing this in the next release. User2 1 Link to comment Share on other sites More sharing options...
wallchopz Posted August 13, 2015 Share Posted August 13, 2015 Thank you for this, user2! Awesome fix. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now