Hi svasti,
svasti wrote:Hm, that's new in CMSimple_XH 1.5.4.
Yes. In the
discussion about UTF-8, I've asked, if this check should be added to XH 1.5.4:
cmb wrote:In addition we might consider checking all GPC data for UTF-8 validity to avoid potential security risks by malformed input.
As nobody said otherwise I've added the check. But I've found a bug and
reported this some days ago.
However, I was not able to reproduce the problems with Calendar. Even if the check will be removed from CMSimple_XH, I would be very interested what caused the error message as it might be caused by a bug in the UTF-8 library. So could you please do some debugging? The check happens in cmsimple/cms.php line 188ff. Just change it to:
Code: Select all
foreach (array('_GET', '_POST', '_COOKIE') as $temp => $i) {
foreach ($$i as $j) {
if (!utf8_is_valid($j)) {
var_dump($i);
var_dump($temp);
var_dump($j);
exit('Malformed UTF-8 detected!');
}
}
}
and save the eventlist again. Then the array, the key and the value of the "malformed" UTF-8 should be reported.
Christoph
PS: I wouldn't be surprised, if the error message is caused by a cookie on the same domain, which is not encoded as UTF-8. So we should exclude at least the general check for cookies.