Product Name not decoded correctly in Notification Email

Started by thewitt, February 27, 2015, 17:03:31 PM

Previous topic - Next topic

thewitt

VirtueMart 3.0.6
Joomla 3.4.0

In the file shopfunctionsf.php, which sends mail for various VM functions, there is a missing flag in the call to html_entity_decode.

It should be coded like this:

$mailer->setSubject( html_entity_decode( $subject, ENT_QUOTES ) );

Or else apostrophes in the email subject will be sent as '

This shows up in the Notification email when a customer wants to know when a product is back in stock if the product has an apostrophe in the name.

The Watcher's Keep is one of my products, and without the addition of the ENT_QUOTES flag, it shows up in the Mail Subject as The Watcher's Keep

I'm not sure if the decoded product name is going to be a problem anywhere else, but it is a problem here.  I am also looking at product_edit_customer.php and this line is a problem:

<input type="text" class="mail-subject" id="mail-subject" size="100"   value="<?php echo vmText::sprintf ('COM_VIRTUEMART_PRODUCT_EMAIL_SHOPPERS_SUBJECT',htmlentities($this->product->product_name)) ?>">


The call to htmlentities should not be there. This should probably also be a call to html_entity_decode so that the subject for the email does not include a &#39; if the product has an apostrophe.

I'm trying to make the Email Customers Who Bought This Product function work, so there will likely be other things to change in that file before I'm finished.

The first one is a bug either way however.