Wedge

Public area => Bug reports => The Pub => Archived fixes => Topic started by: Dr. Deejay on November 3rd, 2012, 07:59 PM

Title: Small bug in permissions
Post by: Dr. Deejay on November 3rd, 2012, 07:59 PM

When going to the permission screen and selecting a group (in this case the regular members group), you'll see something like this above the 'General Permissions - "Regular Members"' bar:

Quote

Are you sure you want to continue?', e);">

I really like Wedge so far, though, great work! :)

Title: Re: Small bug in permissions
Post by: Arantor on November 3rd, 2012, 08:28 PM

Thanks for the report. I know why it's happening, it's one of the bugs relating to the new ask/say code where the language string contains a " - and JavaScriptEscape doesn't escape those.

I've fixed it locally but it does raise issues for the future.

Title: Re: Small bug in permissions
Post by: Dr. Deejay on November 3rd, 2012, 10:29 PM

Quote from Arantor on November 3rd, 2012, 08:28 PM

Thanks for the report.

My pleasure and thanks for fixing it. :)

Title: Re: Small bug in permissions
Post by: Nao on November 3rd, 2012, 10:31 PM

Heya.

I noticed the bug yesterday when trying to fix the access permissions for Testers.
I also spotted the reason why it failed to work, as fixed by Pete.

There isn't much of a solution to this... It's possible to 'simply' have JavaScriptEscape escape double quotes as well, but generally I'd tend to avoid anything that adds extra bytes to the page when not strictly necessary... It all comes down to this: if you're calling a complex function right inside an onclick event, you might as well try and not have double quotes inside it... It kinda makes sense. onclick="alert("hello")" will never validate, will never execute, and Wedge can try as hard as it can, it won't be able to save it either...

All in all: I made a small mistake while rewriting the alert() call, but that's because I was doing that on dozens of calls, and I was way too tired for the job. (See how I made multiple commits to fix bugs I'd just introduced...)

So, no, it's not an issue for the future. It's something that's been there for two years and that's here to stay. ;) We just need to determine whether we hardcode " into the language strings (not what I'd recommend), or add a param to JSE to have it convert double quotes as well...

Title: Re: Small bug in permissions
Post by: Arantor on November 3rd, 2012, 11:02 PM

It does raise an issue - how many more strings are called that have " in them?

Title: Re: Small bug in permissions
Post by: Nao on November 3rd, 2012, 11:04 PM

But that isn't even a problem..?

Oh, do you mean "it would simply be easier to just reset everything back to ", like in SMF..."?
I simply think it'd be overkill.

Title: Re: Small bug in permissions
Post by: Arantor on November 3rd, 2012, 11:29 PM

No... the whole problem comes about because a language string unknowingly had a " in it. Either JSE has to fix it, or we have to hunt down every single string that might have a " in it... this is the problem I'm referring to.