Instead of removing it, the following fix might work:
The admin side can stores html in some other tables (e.g. product description), and the reason is, the admin side zen_db_prepare_input does NOT include a zen_sanitize_string.
If we added an HTML safe zen_db_prepare_input to catalog side, and used that when preparing $email_html in zen_mail_archive_write, it would fix this problem.
I am just uncertain if it would introduce a security issue. I suspect not, but I am not certain.
Thread: Email Archive Manager
Results 1 to 10 of 209
Threaded View
-
27 Feb 2017, 12:00 AM #11
Administrator
- Join Date
- Feb 2006
- Location
- Tampa Bay, Florida
- Posts
- 9,707
- Plugin Contributions
- 123
Re: Email Archive Manager
That Software Guy. My Store: Zen Cart Modifications
Available for hire - See my ad in Services
Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.
Do you benefit from Zen Cart? Then please support the project.
Reply With QuoteSimilar Threads
-
Email Archive Manager - D/M/Y Date issue:
By rlexyd in forum All Other Contributions/AddonsReplies: 0Last Post: 27 Jul 2010, 05:26 AM -
problem with Email Archive Manager on 1.3.6
By rstevenson in forum All Other Contributions/AddonsReplies: 0Last Post: 5 Aug 2008, 02:57 PM -
Email Archive Manager kicks me out of Admin
By Bostitch in forum All Other Contributions/AddonsReplies: 1Last Post: 8 Mar 2008, 01:30 AM -
Email sent to archive manager-never delivered
By SweetandLavish in forum General QuestionsReplies: 10Last Post: 10 Jun 2007, 03:31 PM
Bookmarks