michael-e
michael-e
See https://github.com/creativedutchmen/email_template_manager/issues/85#issuecomment-167444786
ETM does not use Symphony's permission settings when writing files and folders.
When attempting to delete a template, one file (`template.plain.xsl`) will get deleted, then an error will occur: > Could not delete: Directory /var/www/lalala/workspace/email-templates/test could not be removed. Please check permissions....
According to [a forum thread](http://www.getsymphony.com/discuss/thread/107481/1/#position-1), installation fails silently if the workspace folder is not writable.
Affected Symphony version(s) : 2.7.x PHP version(s) : all Handle creation in Symphony 2.7 is broken. `+`characters, for example, will be included in handles, but they should not be. You...
In the frontend (i.e. without a visitor being logged in to Symphony), XSRF tokens are not generated. The backend uses `$this->Page->Form->prependChild(XSRF::formToken());` on every form, which will in turn call `self::getToken()`—so...
Affected Symphony version(s) : LTS The current Symphony version is an "LTS" (Long Term Support) version. However, PHP compatibility is limited to PHP 7.1. Active support for PHP 7.1 has...
Affected Symphony version(s) : 2.7.x (current) PHP version(s) : all OS(es) : all In the Symphony core, the Widget class provides methods to build HTML output. Sanitizing of values is...
As mentioned in #2024, control characters in Input fields will currently be saved to the database and also make their way to the handle of the field. Thus certain characters...