Download & Extend

W3C Validation when printing ampersands (&)

Project:Taxonomy Image
Version:6.x-1.6
Component:Code
Category:bug report
Priority:normal
Assigned:Unassigned
Status:needs review

Issue Summary

I am trying to figure out if it is me or Taxonomy Image that is messing up my validation.

I am printing taxonomy image in the node.tpl.php like this:

<?php
print $node->content['taxonomy_image']['#value'];
?>

But it is outputting this:
Only local images are allowed.

As you can see the title tag is printing "Food &amp; Drink" with a faulty & ?? Yet the alt tag is OK and everywhere else on the site is fine.

Any ideas on this one?

Comments

#1

Sorry - I mean it is outputting this - see title tag:

<div class="taxonomy-images"><a href="link" class="taxonomy-image-links"><img src="imagegoeshere" alt="Food &amp; Drink" title="Food &amp;amp; Drink" height="15" width="15">

#2

Status:active» patch (to be ported)

Hi,

I got the same in 5-x-1.6. I commented one line and now it works fine. See attached patch.

Hope this helps.

AttachmentSize
amp.patch 539 bytes

#3

Thanks, I used that against 6.x and it works.

#4

Status:patch (to be ported)» needs work

Put a double quote into the text and see how it breaks with that commented out. Or even worse, use <script><alert>Security violation!</alert></script>.

#5

Status:needs work» needs review

Patch attached which fixes the ampersand encoding problem while preserving the quotes encoding and security encoding for < and >.

Patch is against 6.x-1.6.

Tim Knittel

AttachmentSize
taxonomy_image-ampersand-528478-5.patch 659 bytes

#6

--- ./taxonomy_image.module_OLD 2011-03-19 14:54:11.000000000 -0400
+++ ./taxonomy_image.module 2011-03-19 14:56:18.000000000 -0400

now change the 67 line
// Have to dump double quotes for attribute.
$current->title=strip_tags($current->title);

nobody click here