Details
-
Bug
-
Resolution: Fixed
-
High
-
5.4.9
-
None
Description
The ezxmltext datatype allows editors to embed custom tags. For example the 'factbox'. A custom tag may have input fields allowing the editor to type in text. For example 'Title' for the 'factbox'.
If you type in a " (double-quote) char into the custom tag field, it is getting encoded twice before the value gets stored in the database. That's problematic because the template that renders the custom tag is not receiving the " char but '"' instead.
Steps to reproduce:
1. Create a new test article;
2. On the "Body" field, insert a new "factbox" custom tag;
3. The factbox has a "Title" field. Enter the following HTML code:
<iframe src="http://www.example.com"></iframe>
4. Save the custom tag, and publish the article;
5. On the frontend, go to the test article, and you'll see the word "factbox", as expected. However, if you view the page source, you get this:
<div class="ezxmltext-field"><custom xmlns:custom="http://ez.no/namespaces/ezpublish3/custom/" name="factbox" custom:title="<iframe src=&quot;http://www.mugo.ca&quot;></iframe>" custom:align="right"><p>factbox</p></custom>