Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
We're using the LDAP modules to provision Drupal accounts via feeds and when a user logs in. We then built a staff directory using the views module and quickly discovered that characters such as ampersands were being double escaped when rendered by views or by the default user profile page.
For example one of the attributes we're using is department. Saving an LDAP user with department of "Foo & Bar" gets saved to the database escaped:
mysql> select * from field_data_field_department\G
....
*************************** 2. row ***************************
entity_type: user
bundle: user
deleted: 0
entity_id: 17898
revision_id: 17898
language: und
delta: 0
field_department_value: FOO & BAR
field_department_format: NULL
However when views and the user profile renders that field it escapes it again and renders:
<div class="field field-name-field-department field-type-text field-label-inline inline">
FOO &amp; BAR </div>
Comment | File | Size | Author |
---|---|---|---|
#4 | 2074611_ldap_tokens_escaped_before_saved-2.patch | 659 bytes | lawsonk |
#1 | 2074611_ldap_tokens_escaped_before_saved.patch | 630 bytes | lawsonk |
Comments
Comment #1
lawsonk CreditAttribution: lawsonk commentedThe attached patch fixes this issue for me.
Comment #2
lawsonk CreditAttribution: lawsonk commentedI also encounter this problem with apostrophes in department names which gets rendered as:
With the patch the value is stored un-escaped in the database and Drupal renders it correctly:
Comment #2.0
lawsonk CreditAttribution: lawsonk commentedQuoting HTML properly.
Comment #3
johnbarclay CreditAttribution: johnbarclay commented#1 makes doesn't make the tokens lower case.
Comment #4
lawsonk CreditAttribution: lawsonk commentedHere's an updated patch with drupal_strtolower() added back.
Comment #5
johnbarclay CreditAttribution: johnbarclay commentedI committed a variation of this: http://drupalcode.org/project/ldap.git/commitdiff/a03a591b2b884de9fcaf82...
Thanks.
Comment #5.0
johnbarclay CreditAttribution: johnbarclay commentedQuoted SQL query too since it wasn't being displayed in issue correctly.
Comment #6
grahlComment #7
grahlComment #11
grahlJust tried this, works fine.