Redmine wiki sql query
Hello. Please, help me.
Redmine version 2.1.4
Ruby version 1.9.3
Rails version 3.2.8
I want to use redmine plugin "Redmine wiki sql".
Plugins migrate succesful, SQL query succeeds.
But when i save Wiki-page, it show:
But, HTML-code page:
So, SQL query succeeds, but "<" change to "<_;", and ">" to ">_;". ( _ - for clarity)
How can i change wiki to display a table??
P.S. sorry for my English.
The plugin page reads
Compatible with: Redmine 1.2.x
and the github repository has only 2 initial commits and a single fork.
You should contact the author of the plugin and check if it's compatible with 2.x...
<is another representation (HTML character encoding) of <, something encodes your characters into HTML entities.
Another thing worth mentioning is the huge security problem you open up by allowing the user arbitrary SQL queries...
RE: Redmine wiki sql query - Added by Ivan Cenov over 8 years ago
change line 43 from
return _table.html_safeHowever, I agree with Jan Niggemann that this is a big security hole.