Hi GuysUsing Osticket v1.9.14-16When trying to paste a script into the web ticket creation from the client side I'm getting a situation where the script is getting parsed and the end result is a ticket with an incomplete script. Sample Ticket Creationhttp://imgur.com/gallery/HrdThIt seems to be breaking/parsing out the "<" in the first IF statementCan some one help me figure out why is it getting parsed out.Thanks
I would presume that its being parsed out because allowing code to be injected would be a pretty big security risk.You could try sanitizing is by changing <> to the html character entities. the and symbol followed by lt; etc.
As an after though if that wasn't clear see this:http://www.w3schools.com/html/html_entities.aspIt should clear up what I mean.
Thanks ntozierWhat I've found is that it is parsing out anything that proceeds a "less than" symbolTest < TestSo the above text when posted to osticket will look like this below in the resulting ticketTestI tried using lt; and ampersand but it still get's parsed.I'd like to know if anyone can point me to the file that contains the code that does the preg_replace of the < symbol.
