Symphony.

I'm attempting to use nickdunn's Publish Filtering extension and noticed that if my filter term contains URLencoded elements, the search returns 0 results. It seems Symphony is not URLdecoding the _GET variables before searching the entries.

That is to say, filtering entry names by "Contains A Space" presents ?filter=name:Contains%20A%20Space which looks to be used as-is by Symphony.

I've taken a cursory look through the codebase, particularly toolkit classes like class.entrymanager.php, class.administrationpage.php, and several others; I don't see where _GET variables are pulled out for use in SQL WHERE clauses. If I could find it, I'd patch it with a urldecode().

I'm still cutting my teeth on Symphony, but I've experienced this bug on both a local MAMP installation as well as a mediatemple server. I figured I'd ask here before reporting a bug in case I'm just missing something.

@haircut,

If you think its a solid bug, you can always submit it as an issue.

Might be a Publish Filtering bug rather than a Symphony bug, no?

So I found where Symphony does its URI decoding, Line 67 in content.publish.php. This comment on the PHP manual page for rawurldecode() indicates that the JS, as used in the Publish Filtering extension, doesn't play nice with Magic Quotes. I turned off Magic Quotes and the filtering now works fine.

@czheng: I'm not sure what your take is on where the "bug" lies here. On one hand, it's a problem with a specific extension's implementation of URI decoding. However, maybe Symphony should expect that Magic Quotes is on (since so many configurations have it on by default) and use an alternate decoding function in case it receives JS-encoded strings?

I should clarify my thoughts: The problem is with the encoding used in a specific extension, but the filtering itself is done by Symphony; the extension provides a nice wrapper. Since the filtering is built-in, possibly an alternative decoding method would make Symphony agnostic to the encoding method of whatever future extensions or core functionalities that make use of the URI filtering.