Bug #76705
closedDouble htmlencoding in backend select form wizard
0%
Description
hi.
I don't know, if this is a bug. I invested quite some time and still cannot figure out, how to get it running properly?
I have a N:M configuration of two tables and a term "Carrots & apples" gets double encoded in the left options list. So this is the selected options:
& => & => &
There is a htmlspecialchars() in TYPO3\CMS\Backend\Form\FormDataProvider\AbstractItemProvider->addItemsFromForeignTable() where data gets encoded the first time. Then the data is used within TYPO3\CMS\Backend\Form\Element\AbstractFormElement->dbFileIcons() and gets encoded a second time.
Do I have my TCA configuration wrong? If it is a bug it may be fixed with a parameter to htmlspecialchars(..., doubleencode=false).
#0 TYPO3\CMS\Backend\Form\FormDataProvider\AbstractItemProvider->addItemsFromForeignTable() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/FormDataProvider/TcaSelectItems.php:52] #1 TYPO3\CMS\Backend\Form\FormDataProvider\TcaSelectItems->addData() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/FormDataGroup/TcaDatabaseRecord.php:51] #2 TYPO3\CMS\Backend\Form\FormDataGroup\TcaDatabaseRecord->compile() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/FormDataCompiler.php:99] #3 TYPO3\CMS\Backend\Form\FormDataCompiler->compile() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Controller/EditDocumentController.php:1109] #4 TYPO3\CMS\Backend\Controller\EditDocumentController->makeEditForm() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Controller/EditDocumentController.php:1000] #5 TYPO3\CMS\Backend\Controller\EditDocumentController->main() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Controller/EditDocumentController.php:2018] #6 TYPO3\CMS\Backend\Controller\EditDocumentController->mainAction() #7 call_user_func_array() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Http/RouteDispatcher.php:54] #8 TYPO3\CMS\Backend\Http\RouteDispatcher->dispatch() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Http/RequestHandler.php:161] #9 TYPO3\CMS\Backend\Http\RequestHandler->dispatch() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Http/RequestHandler.php:94]
#0 TYPO3\CMS\Backend\Form\Element\AbstractFormElement->dbFileIcons() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/Element/SelectMultipleSideBySideElement.php:181] #1 TYPO3\CMS\Backend\Form\Element\SelectMultipleSideBySideElement->render() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/Container/SingleFieldContainer.php:170] #2 TYPO3\CMS\Backend\Form\Container\SingleFieldContainer->render() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/Container/PaletteAndSingleContainer.php:136] #3 TYPO3\CMS\Backend\Form\Container\PaletteAndSingleContainer->render() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/Container/NoTabsContainer.php:34] #4 TYPO3\CMS\Backend\Form\Container\NoTabsContainer->render() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/Container/FullRecordContainer.php:84] #5 TYPO3\CMS\Backend\Form\Container\FullRecordContainer->render() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Form/Container/OuterWrapContainer.php:53] #6 TYPO3\CMS\Backend\Form\Container\OuterWrapContainer->render() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Controller/EditDocumentController.php:1192] #7 TYPO3\CMS\Backend\Controller\EditDocumentController->makeEditForm() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Controller/EditDocumentController.php:1000] #8 TYPO3\CMS\Backend\Controller\EditDocumentController->main() called at [/var/www/mydomain.de/typo3_src-7.6.9/typo3/sysext/backend/Classes/Controller/EditDocumentController.php:2018] #9 TYPO3\CMS\Backend\Controller\EditDocumentController->mainAction()
'n_entity' => array( 'exclude' => 1, 'label' => 'LLL:EXT:n_entity', 'config' => array( 'type' => 'select', 'renderType' => 'selectMultipleSideBySide', 'foreign_table' => 'tx_asdf_domain_model_n_entity', 'foreign_table_where' => 'ORDER BY n_entity ASC', 'MM' => 'tx_asdf_ntable_mtable_mm', 'MM_opposite_field' => 'm_entity', 'size' => 10, 'autoSizeMax' => 30, 'maxitems' => 9999, 'multiple' => 0, 'wizards' => array( '_PADDING' => 1, '_VERTICAL' => 1, 'edit' => array( 'module' => array( 'name' => 'wizard_edit', ), 'type' => 'popup', 'title' => 'Edit', 'icon' => 'edit2.gif', 'popup_onlyOpenIfSelected' => 1, 'JSopenParams' => 'height=350,width=580,status=0,menubar=0,scrollbars=1', ), 'add' => Array( 'module' => array( 'name' => 'wizard_add', ), 'type' => 'script', 'title' => 'Create new', 'icon' => 'add.gif', 'params' => array( 'table' => 'tx_asdf_domain_model_n_entity', 'pid' => '###CURRENT_PID###', 'setValue' => 'prepend' ), ), ), ), ),
Updated by Wouter Wolters almost 8 years ago
- Status changed from New to Needs Feedback
Could you try the patch available at https://review.typo3.org/#/c/48779/5 ?
This should solve your problem
Updated by Henri Nathanson almost 8 years ago
I patched - set 5/5 - a 7.6.10 and the bug is gone. thx!
Updated by Wouter Wolters almost 8 years ago
- Status changed from Needs Feedback to Closed
Thanks for reporting back. This patch will soon be merged into 7.6 branch and will be part of the next 7.6 release. I'll close this issue now as solved.