I have just upgraded to the latest GitHub but it didn't help with this issue.
However, I bit the bullet and after spending the morning on it, I have managed to find a fix!
I don't fully understand why the problem is occurring because you already have code to prevent this happening. Here is the code which causes the problem from line 1471 in /components/com_fabrik/helpers/html.php:
PHP:
    $bits = array();
    foreach ($properties as $key => $val)
    {
        if ($key === 'title')
        {
            $val = htmlspecialchars($val, ENT_QUOTES);
        }
        $bits[$key] = $val;
    }
    $p = '';
    foreach ($bits as $key => $val)
    {
        $val = str_replace('"', "'", $val);
        $p .= $key . '="' . $val . '" ';
    }
    return $src == '' ? '' : '<img src="' . $src . '" ' . $p . '/>';
For some reason, the str_replace does not work on the title tag after htmlspecialchars has done its thing. I have no idea why because when using echo or print_r on the variables, I can clearly see the double quotes but for some reason, str_replace can't. In fact, htmlspecialchars doesn't seem to change the string at all (apart from breaking str_replace). I have tried various different htmlspecialchars parameters but they don't seem to make any difference... ???
Anyway, my fix is simple. Do the str_replace on the title before htmlspecialchars gets involved. Here is the working version for me:
PHP:
    $bits = array();
    foreach ($properties as $key => $val)
    {
        if ($key === 'title')
        {
            $val = str_replace('"', "'", $val);
            $val = htmlspecialchars($val, ENT_QUOTES);
        }
        $bits[$key] = $val;
    }
    $p = '';
    foreach ($bits as $key => $val)
    {
        $val = str_replace('"', "'", $val);
        $p .= $key . '="' . $val . '" ';
    }
    return $src == '' ? '' : '<img src="' . $src . '" ' . $p . '/>';
This fixes the problem for me but is bizarre because the problem only occurred when using the content plugin. For example, here are the outputs from the same form that are generated for me after my change:
Form loaded from content plugin:
HTML:
<img src="http://www.help-diabetes.org.uk/media/com_fabrik/images/notempty.png" class="fabrikTip fabrikImg" opts="{'position':'top'}" title="<div><ul class='validation-notices' style='list-style:none'><li><img src='http://www.help-diabetes.org.uk/media/com_fabrik/images/notempty.png' class='notempty fabrikImg' />This is a required field</li></ul></div>" />
Form loaded from menu link:
HTML:
<img src="http://www.help-diabetes.org.uk/media/com_fabrik/images/notempty.png" class="fabrikTip fabrikImg" opts="{'position':'top'}" title="<div><ul class='validation-notices' style='list-style:none'><li><img src='http://www.help-diabetes.org.uk/media/com_fabrik/images/notempty.png' class='notempty fabrikImg' />This is a required field</li></ul></div>" />
As you can see, the same htmlspecialchars function is working in one case but not the other. Not only that, but it is preventing str_replace from working on it afterwards.
Crazy! Maybe it is a bug in PHP (we are using v5.3.16).
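
Added example (not part of the original post and not Fabrik code): how htmlspecialchars() with ENT_QUOTES interacts with a later str_replace() on quote characters, and what escaping every attribute value looks like. The function name render_img_attrs() and the sample tooltip markup are hypothetical and constructed for this illustration.

```php
<?php
// Added example, not Fabrik code. render_img_attrs() and the sample
// tooltip markup are hypothetical names/values constructed for this demo.

// Build an attribute string, escaping EVERY value for a double-quoted
// HTML attribute instead of swapping quote characters.
function render_img_attrs(array $properties)
{
    $p = '';
    foreach ($properties as $key => $val) {
        // double_encode = false leaves entities that are already encoded alone
        $val = htmlspecialchars($val, ENT_QUOTES, 'UTF-8', false);
        $p .= $key . '="' . $val . '" ';
    }
    return $p;
}

// Constructed tooltip markup containing both quote styles.
$title = '<ul class="validation-notices"><li>It\'s a "required" field</li></ul>';

// 1. After htmlspecialchars() with ENT_QUOTES no literal quote is left,
//    so a later str_replace('"', "'", ...) has nothing to match.
$encoded  = htmlspecialchars($title, ENT_QUOTES, 'UTF-8');
$replaced = str_replace('"', "'", $encoded);
var_dump(strpos($encoded, '"') === false);
var_dump($replaced === $encoded);

// 2. Echoing $encoded into a page shows the quotes again, because the
//    browser decodes the entities; html_entity_decode() mimics that here.
var_dump(html_entity_decode($encoded, ENT_QUOTES, 'UTF-8') === $title);

// 3. Replacing first and encoding second changes the stored text
//    (" becomes ') before it is encoded.
$swapped = htmlspecialchars(str_replace('"', "'", $title), ENT_QUOTES, 'UTF-8');
var_dump(html_entity_decode($swapped, ENT_QUOTES, 'UTF-8') === $title);

// 4. Escaping all attributes the same way keeps the value intact and
//    cannot close the surrounding double-quoted attribute.
echo '<img src="notempty.png" ' . render_img_attrs(array(
    'class' => 'fabrikTip fabrikImg',
    'opts'  => '{"position":"top"}',
    'title' => $title,
)) . '/>' . "\n";
```

Inspect the result with the browser's "view source" or on the command line rather than in the rendered page, since a rendered page shows entities in their decoded form.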