Setwidgetbutton & In Irl Into &

[AllToolKits.com]

I was developing a plugin, in this we have an icon with a ahref.

We have a link in this like domain.com?jx=x1&y=y1 .When we pass it to setWidgetButton, this url is converted into

domain.com?jx=x1&y=y1 hence that can't be clicked.

 

Anyway to fix it?

 

[AllToolKits.com]

I did a temporory fix by editting the core file. I would like to know weather it'a a bug from blesta or an issue in my blesta plugin code.

Dif fix in following file

 

    Class                     :  helpers/html/html.php

    Method                   :  public function _(&$str, $return=false, $preserve_tags=false)

    Code before change : $result = (isset($str) ? $this->safe($str, $preserve_tags) : "");

    Code after change   : $result = isset($str) ? $str : "";

 

Let me know is there any nice way to fix it.

[Tyson]

 

I did a temporory fix by editting the core file. I would like to know weather it'a a bug from blesta or an issue in my blesta plugin code.

Dif fix in following file

 

    Class                     :  helpers/html/html.php

    Method                   :  public function _(&$str, $return=false, $preserve_tags=false)

    Code before change : $result = (isset($str) ? $this->safe($str, $preserve_tags) : "");

    Code after change   : $result = isset($str) ? $str : "";

 

Let me know is there any nice way to fix it.

 

 

You should not do this as it opens up the entire application to XSS vulnerabilities.

 

 

I was developing a plugin, in this we have an icon with a ahref.

We have a link in this like domain.com?jx=x1&y=y1 .When we pass it to setWidgetButton, this url is converted into

domain.com?jx=x1&y=y1 hence that can't be clicked.

 

Anyway to fix it?

We don't have this issue. Can you show us what you're doing when you make the call to Widget::setWidgetButton()?