Did last night's Windows Update kill your DNN sites?

There apparently were two .Net Security Patches made available last night in WIndows Update. They are causing some problems with DNN, not sure which versions specifically, but I've seen issues reported in 4.3.6 and  4.3.5 so far.

Sebastian posted this in a forum earlier today as fix for the Text/HTML module no longer working.

in /controls/TextEditor.ascx line 9 replace id = ”celTextEditor” Runat=”Server” with id = "celTextEditor" Runat="Server"

The issue being the CURLY quotes (I don't know the proper term and am too lazy busy to look it up). I had another client with the same problem, they had curly quotes in their skin file instead of normal "" quotes, with windows update last night the skin immediately broke.

So if you're having some issues with your DNN sites, start looking for funky quotes and replacing them with standard quotes!

8 Comments

  • Hi, could you provide more information on how we could reproduce the problem using just an aspx page with curly quotes? I tried a page with the following, and it is already failing on a unpatched machine.



    (The quotes used are curly.)

    The error message I got is :
    Parser Error Message: The Runat attribute must have the value Server.

  • Thanks for that...couldn't blog today till i found this post

  • The recent Windows Update (WU) release included a number of .NET Framework patches in addition to security related fixes. As part of those patches, there were changes to how strings are parsed/converted when using encoding classes like System.Text.UTF8Encoding.

    The behavior you are seeing is because prior to the recent WU release, the 2.0 Framework text encoding types would silently strip out or ignore unrecognizable characters. In the case of ASP.NET parsing a text file, like an .aspx or an .ascx, the text encoders in the unpatched 2.0 framework would silently ignore a character like a smart-quote. With the patch installed though the encoders now convert unrecognized characters into a common value: U+FFFD. This value is intened as a kind of error marker value.

    Unfortunately that means formerly innocous syntax errors in ASP.NET pages now result in spurious U+FFFD characters showing up as a result of a page parse. When ASP.NET then attempts to process the resulting text it fails since U+FFFD is not recognized as a valid character in the declarative definition of control tags.

    As other folks have noted above, the workaround is to find the .ascx/.aspx/.skin/.master/etc... files that have the bogus characters and change these files to have the correct character.

  • I have XP intalled and have just run into the problem with curly brackets - not on aspx pages but in text that isbeing installed as part of a data upload using the sql scripting tools.
    Look to me that this is yet another issue with DNN/ASP.NET/SQL Scripts
    ~Flakey ~ the scripts take a while to run -I am just waiting to see if this curly bracket problem has fixed this issue for me - seems to have worked - just a few other silly issues to sort out (Incorrect syntax near '?'. )

  • I am having the same symptoms and i have replaced all double quotes with straight double quotes, but that has not resolved it. Is there anything else I can try??

  • OK, I finally found the issue. The DNN Log Viewer said the problem was in EditHTML.ascx which did not have any curly quotes. EditHTML.ascx references texteditor.ascx (in the controls directory) which has the curly quotes mentioned at the top of this page. All is well now.

    But I would like to know who the knucklehead was that edited that line in the texteditor.ascx with Word instead of a standard text editor??

  • Thanks for posting this!

  • I had to edit both the EditEntry.ascx AND the texteditor.ascx to fix the problem.

Comments have been disabled for this content.