2 select fields were defined by user where the select value contained an &
In the data array for webform_component the & remained as is.

In the form results, written from the webpage where the text was escaped, the & was transformed into &

This caused match on the select value to fail in _webform_csv_data_select
I added the following workaround:
$item = str_replace('&', '&', $item);
just above
if (in_array($item,(array)$data['value']) === true) {
But that hack was specific to this case and doesn't handle the general issue of HTML encoding.

Additionally, the CSV field headers were pulled from the answers and thus had & transformed into amp by _webform_safe_name, which brought them into conflict with the actual field names on the web page where the safe name was generated from webform_component table thus Foo & Bar became Foo__Bar in one, and Foo_amp_Bar in the other.

I tagged this bug critical since it resulted in data corruption of the CSV. Your own call on this one I suppose.

Comments

kyber’s picture

kyber commented

Make that

$item = str_replace('&', '&', $item);
if (in_array($item,(array)$data['value']) === true) {

and, for that matter, following workaround in _webform_safe_name

  $new = str_replace('&', '', $new);
  $new = preg_replace('/[^a-z0-9_]/', '', $new);

Neither of those are the right way to do it, obviously.

quicksketch’s picture

quicksketch
he/him
commented
Status: Active » Closed (duplicate)

This has been fixed finally in 1.x and 2.x branches in this ticket: http://drupal.org/node/150306. It will be in the 1.9 release of webform.