Text field storing #39 encoding when display only

pastvne

pastvne

Bruce Decker
Hi All:
Happy holidays.

I'm working on a project where I have a field/text element with no WYSIWYG. I set the element access to allow one viewlevel to edit and another to display (no edit). If I login with user that carries the edit access, I can enter text including apostrophe and it stores correctly into the database with the unencoded string (in this case containing an unencoded, liter apostophe) store liternally (no encoding).

But if I login with another user that does not have edit access rights on that element, it will properly display the text but if I save the record, the database ends up with encoded entities in the stored record (#39).

I'm looking now at using a form plug-in to cleanse the field before Fabrik updates the field. But, I'm wondering why it should behave this way and whether I've either caused the issue by the way I've defined the element or if there is another approach that is cleaner than using a form plug-in to cleans the field value.

Thanks,
Bruce
 
Okay, I have a work around in case anyone runs into this. It's mainly an issue because this field contains characters such as ampersand. For some reason, if the user using a form to edit a record does not have edit privileges (view only), when they save the record, the htmlspecialcharacters are left in the value of the field which is updated to the database. The nasty part is that something is going on with htmlspecialchars_decode whereby it can't seem to deal with apostrophe being expressed as ''' so it leaves it in the string. I forced it out to normal ampersand character with a str_replace. The nasty bit where I'm converting the ''' expressed in hex back to ascii with hex2bin() is because I think the code editor in fabrik is confused and you can't express that string literally in the code editor.

So, for safety, I added to the form the following php plug-in code:
Code: 
$apos = htmlspecialchars("'",ENT_QUOTES);
$clean = str_replace($apos,"'",htmlspecialchars_decode('{csp_document_types___hint_code}', ENT_QUOTES));
$formModel->updateFormData('csp_document_types___hint_code', $clean);
 
You must log in or register to reply here.

Useful links

  • Create a Fabrik Account (Downloads)
  • Create a Forum Account
  • Fabrik Wiki
  • Fabrik 4 Changelog /Install /Upgrade
    • We are in need of some funding.
    More details.

    Thank you.

    Members online

    Total: 115 (members: 2, guests: 113)
    Back
    Top