Opened 8 years ago
Closed 7 years ago
#7459 closed defect (bug) (fixed)
Autolink disturb values containing single quotes
Reported by: | danbp | Owned by: | djpaul |
---|---|---|---|
Milestone: | 3.0 | Priority: | normal |
Severity: | normal | Version: | 2.8.0 |
Component: | Extended Profile | Keywords: | has-patch |
Cc: | danco38@… |
Description
Issue is very near of the one described in #7317. Affect only selectbox type. A single text box or a multiselectbox is not affected.
You can reproduce by doing following steps
Create a selectbox.
Add a first option and call it o'brien
Add a second and call it o'hara
Disable autolink option.
Go to your profile, select an option and save. Anything looks correct.
Now enable autolink, return to your profile, set the option you want and save.
The quote comes up as ascii (ie. o' hara
)
I also tried to enter the option value with ascii chars. All went well on admin side, but when i tried to save the change on frontend, i received an error message.
Attachments (1)
Change History (8)
#5
@
7 years ago
- Keywords has-patch added
xprofile: fix HTML entities in semi-colon seperated field values rendering incorrectly when auto-link is enabled.
bp_xprofile_escape_field_data()
runs before the function, which often runs esc_html().
In turn, that encodes HTML entities in the string (";" becomes "'").
Before splitting on the ";" character, decode the HTML entities, and re-encode after.
Thanks for the report. I remember working with Andy back in the day to debug this sort of issue when xprofile was first implemented.