Support for SermonSpeaker 4.x is canceled as it is for Joomla 2.5. I will gladly assist you with minor issues but I will not fix any bugs anymore in this releases.
The fix is to upgrade to SermonSpeaker 5.x and Joomla 3.x, which is better anyway.

Audio/Video file links are not escaped properly

More
17 May 2013 05:21 - 17 May 2013 05:23 #3475 by Robert
Audio/Video file links are not escaped properly was created by Robert
If your file names contain apostrophes for example the word Don't, the PHP string is not escaped by addslashes command.

This is done properly for the descriptions and the titles:
$entry = addslashes($temp_item->sermon_title);

But not for links:
$file = SermonspeakerHelperSermonspeaker::makeLink($temp_item->audiofile);


I had go into jwplayer5.php add escaping (addslashes) to all file references:
$file = SermonspeakerHelperSermonspeaker::makeLink(addslashes($temp_item->audiofile));

I do not know if this issues exists for the other player types, but please correct in the next release so I don't have to add this each time we need update our extensions on 40 chrush sites we are migrating to Joomla 2.5.

Thank you!
Last edit: 17 May 2013 05:23 by Robert.

Please Log in or Create an account to join the conversation.

More
17 May 2013 21:41 #3479 by Thomas Hunziker
Replied by Thomas Hunziker on topic Audio/Video file links are not escaped properly
Actually, a quote shouldn't be used within a filename as it is a reserved character for URLs according to tools.ietf.org/html/rfc3986#section-2 .

If you upload the file using SermonSpeaker, the quote and other unsafe characters will be removed from the filename and it will be all lowercased so it is safe for use in an URL.

So the real real solution is to name your files properly, not to escape the unsafe filenames ;-)

Please Log in or Create an account to join the conversation.

Time to create page: 0.157 seconds
Powered by Kunena Forum