BBCode: & in img-url not working

knutms

Joined: 2006-01-27
Posts: 2
Posted: Fri, 2006-01-27 18:24

I want to view a image in the Description-part in albums. But when I write:

{img}http://gallery.menalto.com/gallery2/main.php?g2_view=core.DownloadItem&g2_itemId=8234&g2_serialNumber=2{/img} (switched [] with {} for display purpose)

it get converted to:

<img src="http://gallery.menalto.com/gallery2/main.php?g2_view=core.DownloadItem&amp;amp;g2_itemId=8234&amp;amp;g2_serialNumber=2" alt="">

And the image is not working. Any ideas on how I can fix this?

Knut Magne
Norway
 
knutms

Joined: 2006-01-27
Posts: 2
Posted: Fri, 2006-01-27 20:01

Made a quick and dirty hack in my theme.inc. Added
$item->setDescription(str_replace('amp;','', $item->getDescription()));
as the first line of the showAlbumPage() method.

But I guess it's a better way to fix it.

Btw: I'm running G2 v2.0.2
 
mindless
mindless's picture

Joined: 2004-01-04
Posts: 8601
Posted: Tue, 2006-01-31 05:10

there's an htmlspecialchars call in our bbcode code that looks suspicious.. try removing your dirty hack and making this change in lib/smarty_plugins/modifier.markup.php function image() change:
return sprintf('<img src="%s" alt=""/>', htmlspecialchars($elementContents));
to:
return sprintf('<img src="%s" alt=""/>', $elementContents);

Let us know if that works.. we already escape things we store in the db, so I think this htmlspecialchars call may be redundant/extra escaping.
 
knutmas

Joined: 2006-01-27
Posts: 1
Posted: Wed, 2006-02-01 20:16

Thanks! Works like a charm now..
 
mindless
mindless's picture

Joined: 2004-01-04
Posts: 8601
Posted: Fri, 2006-02-03 16:52

i have added a unit test and committed this change to cvs; thanks for the report :)