Problem with showing of search results
Posted: Fri Dec 06, 2013 4:02 am
I have tried searching for something, (this is the result page)
Apparently, when the hilit function uses too common words, the server delivers non-readable junk where the standard spoiler marks should be. And you can click the "show" part of the spoiler, but you can't open the spoiler, as nothing happens. When I change the address by deleting "too common" words in the hilit funtion, it works fine.
Just wanted to tell, as this could be an indication of a faulty implementation somewhere, which could lead to vulnerabilities regarding the server.
EDIT: a bit more testing: it only happens when you have the word "this" highlighted, as it appears in the code of the "spoiler" function.
"for" is no problem, neither "die".
Edit2: "else" is also a problem, but it looks different. Apparently, the search function searches in the code of tags too, and as many common words are used in programming languages too, this happens.... Functionnames are unlikely to be searched, but someone knowing a bit about phpBB might know more.
Apparently, when the hilit function uses too common words, the server delivers non-readable junk where the standard spoiler marks should be. And you can click the "show" part of the spoiler, but you can't open the spoiler, as nothing happens. When I change the address by deleting "too common" words in the hilit funtion, it works fine.
Just wanted to tell, as this could be an indication of a faulty implementation somewhere, which could lead to vulnerabilities regarding the server.
EDIT: a bit more testing: it only happens when you have the word "this" highlighted, as it appears in the code of the "spoiler" function.
"for" is no problem, neither "die".
Edit2: "else" is also a problem, but it looks different. Apparently, the search function searches in the code of tags too, and as many common words are used in programming languages too, this happens.... Functionnames are unlikely to be searched, but someone knowing a bit about phpBB might know more.